Adding rule SARIF2005.ProvideHelpfulToolInformation (#1926)
eddynaka authored Jun 24, 2020
1 parent 6553f21 commit 0f5989f
Showing 44 changed files with 438 additions and 98 deletions.
1 change: 1 addition & 0 deletions src/Sarif.Multitool/Rules/RuleId.cs
Expand Up @@ -17,6 +17,7 @@ public static class RuleId
public const string ReferenceFinalSchema = "SARIF1011";

public const string AuthorHighQualityMessages = "SARIF2001";
public const string ProvideHelpfulToolInformation = "SARIF2005";
public const string ProvideSchema = "SARIF2008";
}
}
36 changes: 36 additions & 0 deletions src/Sarif.Multitool/Rules/RuleResources.Designer.cs


12 changes: 12 additions & 0 deletions src/Sarif.Multitool/Rules/RuleResources.resx
Expand Up @@ -204,4 +204,16 @@
<data name="SARIF1007_RegionPropertiesMustBeConsistent_FullDescription_Text" xml:space="preserve">
<value>Placeholder_SARIF1007_RegionPropertiesMustBeConsistent_FullDescription_Text</value>
</data>
<data name="SARIF2005_ProvideHelpfulToolInformation_FullDescription_Text" xml:space="preserve">
<value>Placeholder</value>
</data>
<data name="SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideConciseToolName_Text" xml:space="preserve">
<value>{0}: Placeholder '{1}' '{2}' '{3}'</value>
</data>
<data name="SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideToolVersion_Text" xml:space="preserve">
<value>{0}: Placeholder</value>
</data>
<data name="SARIF2005_ProvideHelpfulToolInformation_Warning_UseNumericToolVersions_Text" xml:space="preserve">
<value>{0}: Placeholder '{1}'</value>
</data>
</root>
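Review bot: The four new SARIF2005 entries use the bare text `Placeholder`, while the existing entry just above names its resource (`Placeholder_SARIF1007_RegionPropertiesMustBeConsistent_FullDescription_Text`), so SARIF2005 results are hard to tell apart by message text in logs and expected-output files. Until the final wording lands, putting the resource name in each value keeps the three warnings distinguishable, for example (constructed) `<value>{0}: Placeholder_SARIF2005_ProvideToolVersion</value>`. The `{1}`–`{3}` arguments in the ProvideConciseToolName text match the three arguments the rule passes, so only the wording needs to change.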
@@ -0,0 +1,93 @@
// Copyright (c) Microsoft. All rights reserved.
// Licensed under the MIT license. See LICENSE file in the project root for full license information.

using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;

using Microsoft.Json.Pointer;

namespace Microsoft.CodeAnalysis.Sarif.Multitool.Rules
{
public class ProvideHelpfulToolInformation : SarifValidationSkimmerBase
{
/// <summary>
/// SARIF2005
/// </summary>
public override string Id => RuleId.ProvideHelpfulToolInformation;

/// <summary>
/// Placeholder (full description).
/// </summary>
public override MultiformatMessageString FullDescription => new MultiformatMessageString { Text = RuleResources.SARIF2005_ProvideHelpfulToolInformation_FullDescription_Text };

protected override IEnumerable<string> MessageResourceNames => new string[] {
nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideToolVersion_Text),
nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideConciseToolName_Text),
nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_UseNumericToolVersions_Text)
};

public override FailureLevel DefaultLevel => FailureLevel.Warning;

private static readonly Regex s_versionRegex = new Regex(@"^\d+\.\d+.*", RegexOptions.Compiled | RegexOptions.CultureInvariant);

protected override void Analyze(Tool tool, string toolPointer)
{
if (tool.Driver != null)
{
AnalyzeToolDriver(tool.Driver, toolPointer.AtProperty(SarifPropertyName.Driver));
}
}

private void AnalyzeToolDriver(ToolComponent toolComponent, string toolDriverPointer)
{
// ProvideConciseToolName: Ensure that tool.driver.name isn't more than 3 words long
if (!string.IsNullOrEmpty(toolComponent.Name))
{
const int MaxWords = 3;
int wordCount = toolComponent.Name.Split(new char[] { ' ' }, StringSplitOptions.RemoveEmptyEntries).Length;
if (wordCount > MaxWords)
{
string driverNamePointer = toolDriverPointer.AtProperty(SarifPropertyName.Name);

// {0}: Placeholder '{1}' '{2}' '{3}'
LogResult(
driverNamePointer,
nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideConciseToolName_Text),
toolComponent.Name,
wordCount.ToString(),
MaxWords.ToString());
}
}

// ProvideToolVersion: Either tool.driver.version or tool.driver.semanticVersion should be there.
if (string.IsNullOrWhiteSpace(toolComponent.Version) && string.IsNullOrWhiteSpace(toolComponent.SemanticVersion))
{
// {0}: Placeholder
LogResult(
toolDriverPointer,
nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideToolVersion_Text));
}
else
{
// UseNumericToolVersions
if (!string.IsNullOrWhiteSpace(toolComponent.Version))
{
AnalyzeVersion(toolComponent.Version, toolDriverPointer.AtProperty(SarifPropertyName.Version));
}
}
}

private void AnalyzeVersion(string version, string pointer)
{
if (!s_versionRegex.IsMatch(version))
{
// {0}: Placeholder '{1}'
LogResult(
pointer,
nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_UseNumericToolVersions_Text),
version);
}
}
}
}
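Review bot: `s_versionRegex` accepts more than the numeric versions that the UseNumericToolVersions check is named for. Without `RegexOptions.ECMAScript`, `\d` matches any Unicode decimal digit, and the trailing `.*` adds nothing because `IsMatch` does not require a match to the end of the string. If an ASCII `major.minor` prefix is the intent, `new Regex(@"^[0-9]+\.[0-9]+", RegexOptions.Compiled | RegexOptions.CultureInvariant)` states it directly. In `AnalyzeToolDriver` the word count splits only on `' '`, so a name whose words are separated by tabs or other whitespace counts as one word; `Split((char[])null, StringSplitOptions.RemoveEmptyEntries)` splits on all whitespace. `toolComponent.SemanticVersion` is never passed to `AnalyzeVersion`, which may be intentional but deserves a comment saying so.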
3 changes: 3 additions & 0 deletions src/Sarif.Multitool/SarifPropertyName.cs
Expand Up @@ -51,6 +51,7 @@ public static class SarifPropertyName
public const string Markdown = "markdown";
public const string Message = "message";
public const string MessageStrings = "messageStrings";
public const string Name = "name";
public const string Nodes = "nodes";
public const string NotificationConfigurationOverrides = "notificationConfigurationOverrides";
public const string Notifications = "notifications";
Expand All @@ -74,6 +75,7 @@ public static class SarifPropertyName
public const string RunGraphIndex = "runGraphIndex";
public const string Runs = "runs";
public const string Schema = "$schema";
public const string SemanticVersion = "semanticVersion";
public const string ShortDescription = "shortDescription";
public const string Stacks = "stacks";
public const string Stdin = "stdin";
Expand All @@ -90,6 +92,7 @@ public static class SarifPropertyName
public const string ToolConfigurationNotifications = "toolConfigurationNotifications";
public const string ToolExecutionNotifications = "toolExecutionNotifications";
public const string Uri = "uri";
public const string Version = "version";
public const string VersionControlProvenance = "versionControlProvenance";
public const string WebRequest = "webRequest";
public const string WebRequests = "webRequests";
Expand Up @@ -122,12 +122,20 @@ public void SARIF1011_ReferenceFinalSchema_Invalid()

[Fact]
public void SARIF2001_AuthorHighQualityMessages_Valid()
=> RunTest(MakeValidTestFileName(RuleId.AuthorHighQualityMessages, nameof(RuleId.AuthorHighQualityMessages)));
=> RunTest(MakeValidTestFileName(RuleId.AuthorHighQualityMessages, nameof(RuleId.AuthorHighQualityMessages)));

[Fact]
public void SARIF2001_AuthorHighQualityMessages_Invalid()
=> RunTest(MakeInvalidTestFileName(RuleId.AuthorHighQualityMessages, nameof(RuleId.AuthorHighQualityMessages)));

[Fact]
public void SARIF2005_ProvideHelpfulToolInformation_Valid()
=> RunTest(MakeValidTestFileName(RuleId.ProvideHelpfulToolInformation, nameof(RuleId.ProvideHelpfulToolInformation)));

[Fact]
public void SARIF2005_ProvideHelpfulToolInformation_Invalid()
=> RunTest(MakeInvalidTestFileName(RuleId.ProvideHelpfulToolInformation, nameof(RuleId.ProvideHelpfulToolInformation)));

[Fact]
public void SARIF2008_ProvideSchema_Valid()
=> RunTest(MakeValidTestFileName(RuleId.ProvideSchema, nameof(RuleId.ProvideSchema)));
Expand Up @@ -57,7 +57,7 @@
"index": 0
},
"region": {
"startLine": 10,
"startLine": 11,
"startColumn": 13
}
}
Expand All @@ -81,7 +81,7 @@
"index": 0
},
"region": {
"startLine": 14,
"startLine": 15,
"startColumn": 13
}
}
Expand Up @@ -99,7 +99,7 @@
"index": 0
},
"region": {
"startLine": 35,
"startLine": 36,
"startColumn": 49
}
}
Expand All @@ -124,7 +124,7 @@
"index": 0
},
"region": {
"startLine": 57,
"startLine": 58,
"startColumn": 54
}
}
Expand All @@ -149,7 +149,7 @@
"index": 0
},
"region": {
"startLine": 54,
"startLine": 55,
"startColumn": 43
}
}
Expand All @@ -174,7 +174,7 @@
"index": 0
},
"region": {
"startLine": 41,
"startLine": 42,
"startColumn": 43
}
}
Expand All @@ -199,7 +199,7 @@
"index": 0
},
"region": {
"startLine": 9,
"startLine": 10,
"startColumn": 82
}
}
Expand All @@ -224,7 +224,7 @@
"index": 0
},
"region": {
"startLine": 13,
"startLine": 14,
"startColumn": 69
}
}
Expand All @@ -249,7 +249,7 @@
"index": 0
},
"region": {
"startLine": 17,
"startLine": 18,
"startColumn": 69
}
}
Expand All @@ -274,7 +274,7 @@
"index": 0
},
"region": {
"startLine": 23,
"startLine": 24,
"startColumn": 69
}
}
Expand All @@ -299,7 +299,7 @@
"index": 0
},
"region": {
"startLine": 30,
"startLine": 31,
"startColumn": 60
}
}