microsoft · Jun 24, 2020 · Jun 23, 2020 · Jun 24, 2020 · Jun 24, 2020 · Jun 24, 2020
diff --git a/src/Sarif.Multitool/Rules/RuleId.cs b/src/Sarif.Multitool/Rules/RuleId.cs
@@ -17,6 +17,7 @@ public static class RuleId
         public const string ReferenceFinalSchema = "SARIF1011";
 
         public const string AuthorHighQualityMessages = "SARIF2001";
+        public const string ProvideHelpfulToolInformation = "SARIF2005";
         public const string ProvideSchema = "SARIF2008";
     }
 }
diff --git a/src/Sarif.Multitool/Rules/RuleResources.Designer.cs b/src/Sarif.Multitool/Rules/RuleResources.Designer.cs
diff --git a/src/Sarif.Multitool/Rules/RuleResources.resx b/src/Sarif.Multitool/Rules/RuleResources.resx
@@ -204,4 +204,16 @@
   <data name="SARIF1007_RegionPropertiesMustBeConsistent_FullDescription_Text" xml:space="preserve">
     <value>Placeholder_SARIF1007_RegionPropertiesMustBeConsistent_FullDescription_Text</value>
   </data>
+  <data name="SARIF2005_ProvideHelpfulToolInformation_FullDescription_Text" xml:space="preserve">
+    <value>Placeholder</value>
+  </data>
+  <data name="SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideConciseToolName_Text" xml:space="preserve">
+    <value>{0}: Placeholder '{1}' '{2}' '{3}'</value>
+  </data>
+  <data name="SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideToolVersion_Text" xml:space="preserve">
+    <value>{0}: Placeholder</value>
+  </data>
+  <data name="SARIF2005_ProvideHelpfulToolInformation_Warning_UseNumericToolVersions_Text" xml:space="preserve">
+    <value>{0}: Placeholder '{1}'</value>
+  </data>
 </root>
diff --git a/src/Sarif.Multitool/Rules/SARIF2005.ProvideHelpfulToolInformation.cs b/src/Sarif.Multitool/Rules/SARIF2005.ProvideHelpfulToolInformation.cs
@@ -0,0 +1,93 @@
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+
+using System;
+using System.Collections.Generic;
+using System.Text.RegularExpressions;
+
+using Microsoft.Json.Pointer;
+
+namespace Microsoft.CodeAnalysis.Sarif.Multitool.Rules
+{
+    public class ProvideHelpfulToolInformation : SarifValidationSkimmerBase
+    {
+        /// <summary>
+        /// SARIF2005
+        /// </summary>
+        public override string Id => RuleId.ProvideHelpfulToolInformation;
+
+        /// <summary>
+        /// Placeholder (full description).
+        /// </summary>
+        public override MultiformatMessageString FullDescription => new MultiformatMessageString { Text = RuleResources.SARIF2005_ProvideHelpfulToolInformation_FullDescription_Text };
+
+        protected override IEnumerable<string> MessageResourceNames => new string[] {
+                    nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideToolVersion_Text),
+                    nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideConciseToolName_Text),
+                    nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_UseNumericToolVersions_Text)
+                };
+
+        public override FailureLevel DefaultLevel => FailureLevel.Warning;
+
+        private static readonly Regex s_versionRegex = new Regex(@"^\d+\.\d+.*", RegexOptions.Compiled | RegexOptions.CultureInvariant);
+
+        protected override void Analyze(Tool tool, string toolPointer)
+        {
+            if (tool.Driver != null)
+            {
+                AnalyzeToolDriver(tool.Driver, toolPointer.AtProperty(SarifPropertyName.Driver));
+            }
+        }
+
+        private void AnalyzeToolDriver(ToolComponent toolComponent, string toolDriverPointer)
+        {
+            // ProvideConciseToolName: Ensure that tool.driver.name isn't more than 3 words long
+            if (!string.IsNullOrEmpty(toolComponent.Name))
+            {
+                const int MaxWords = 3;
+                int wordCount = toolComponent.Name.Split(new char[] { ' ' }, StringSplitOptions.RemoveEmptyEntries).Length;
+                if (wordCount > MaxWords)
+                {
+                    string driverNamePointer = toolDriverPointer.AtProperty(SarifPropertyName.Name);
+
+                    // {0}: Placeholder '{1}' '{2}' '{3}'
+                    LogResult(
+                        driverNamePointer,
+                        nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideConciseToolName_Text),
+                        toolComponent.Name,
+                        wordCount.ToString(),
+                        MaxWords.ToString());
+                }
+            }
+
+            // ProvideToolVersion: Either tool.driver.version or tool.driver.semanticVersion should be there.
+            if (string.IsNullOrWhiteSpace(toolComponent.Version) && string.IsNullOrWhiteSpace(toolComponent.SemanticVersion))
+            {
+                // {0}: Placeholder
+                LogResult(
+                    toolDriverPointer,
+                    nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_ProvideToolVersion_Text));
+            }
+            else
+            {
+                // UseNumericToolVersions
+                if (!string.IsNullOrWhiteSpace(toolComponent.Version))
+                {
+                    AnalyzeVersion(toolComponent.Version, toolDriverPointer.AtProperty(SarifPropertyName.Version));
+                }
+            }
+        }
+
+        private void AnalyzeVersion(string version, string pointer)
+        {
+            if (!s_versionRegex.IsMatch(version))
+            {
+                // {0}: Placeholder '{1}'
+                LogResult(
+                    pointer,
+                    nameof(RuleResources.SARIF2005_ProvideHelpfulToolInformation_Warning_UseNumericToolVersions_Text),
+                    version);
+            }
+        }
+    }
+}
diff --git a/src/Sarif.Multitool/SarifPropertyName.cs b/src/Sarif.Multitool/SarifPropertyName.cs
@@ -51,6 +51,7 @@ public static class SarifPropertyName
         public const string Markdown = "markdown";
         public const string Message = "message";
         public const string MessageStrings = "messageStrings";
+        public const string Name = "name";
         public const string Nodes = "nodes";
         public const string NotificationConfigurationOverrides = "notificationConfigurationOverrides";
         public const string Notifications = "notifications";
@@ -74,6 +75,7 @@ public static class SarifPropertyName
         public const string RunGraphIndex = "runGraphIndex";
         public const string Runs = "runs";
         public const string Schema = "$schema";
+        public const string SemanticVersion = "semanticVersion";
         public const string ShortDescription = "shortDescription";
         public const string Stacks = "stacks";
         public const string Stdin = "stdin";
@@ -90,6 +92,7 @@ public static class SarifPropertyName
         public const string ToolConfigurationNotifications = "toolConfigurationNotifications";
         public const string ToolExecutionNotifications = "toolExecutionNotifications";
         public const string Uri = "uri";
+        public const string Version = "version";
         public const string VersionControlProvenance = "versionControlProvenance";
         public const string WebRequest = "webRequest";
         public const string WebRequests = "webRequests";

diff --git a/src/Test.FunctionalTests.Sarif/Multitool/ValidateCommandTests.cs b/src/Test.FunctionalTests.Sarif/Multitool/ValidateCommandTests.cs
@@ -122,12 +122,20 @@ public void SARIF1011_ReferenceFinalSchema_Invalid()
 
         [Fact]
         public void SARIF2001_AuthorHighQualityMessages_Valid()
-    => RunTest(MakeValidTestFileName(RuleId.AuthorHighQualityMessages, nameof(RuleId.AuthorHighQualityMessages)));
+            => RunTest(MakeValidTestFileName(RuleId.AuthorHighQualityMessages, nameof(RuleId.AuthorHighQualityMessages)));
 
         [Fact]
         public void SARIF2001_AuthorHighQualityMessages_Invalid()
             => RunTest(MakeInvalidTestFileName(RuleId.AuthorHighQualityMessages, nameof(RuleId.AuthorHighQualityMessages)));
 
+        [Fact]
+        public void SARIF2005_ProvideHelpfulToolInformation_Valid()
+            => RunTest(MakeValidTestFileName(RuleId.ProvideHelpfulToolInformation, nameof(RuleId.ProvideHelpfulToolInformation)));
+
+        [Fact]
+        public void SARIF2005_ProvideHelpfulToolInformation_Invalid()
+            => RunTest(MakeInvalidTestFileName(RuleId.ProvideHelpfulToolInformation, nameof(RuleId.ProvideHelpfulToolInformation)));
+
         [Fact]
         public void SARIF2008_ProvideSchema_Valid()
             => RunTest(MakeValidTestFileName(RuleId.ProvideSchema, nameof(RuleId.ProvideSchema)));

diff --git a/...titool/ValidateCommand/ExpectedOutputs/SARIF1001.RuleIdentifiersMustBeValid_Invalid.sarif b/...titool/ValidateCommand/ExpectedOutputs/SARIF1001.RuleIdentifiersMustBeValid_Invalid.sarif
@@ -57,7 +57,7 @@
                   "index": 0
                 },
                 "region": {
-                  "startLine": 10,
+                  "startLine": 11,
                   "startColumn": 13
                 }
               }
@@ -81,7 +81,7 @@
                   "index": 0
                 },
                 "region": {
-                  "startLine": 14,
+                  "startLine": 15,
                   "startColumn": 13
                 }
               }

diff --git a/...estData/Multitool/ValidateCommand/ExpectedOutputs/SARIF1002.UrisMustBeValid_Invalid.sarif b/...estData/Multitool/ValidateCommand/ExpectedOutputs/SARIF1002.UrisMustBeValid_Invalid.sarif
@@ -99,7 +99,7 @@
                   "index": 0
                 },
                 "region": {
-                  "startLine": 35,
+                  "startLine": 36,
                   "startColumn": 49
                 }
               }
@@ -124,7 +124,7 @@
                   "index": 0
                 },
                 "region": {
-                  "startLine": 57,
+                  "startLine": 58,
                   "startColumn": 54
                 }
               }
@@ -149,7 +149,7 @@
                   "index": 0
                 },
                 "region": {
-                  "startLine": 54,
+                  "startLine": 55,
                   "startColumn": 43
                 }
               }
@@ -174,7 +174,7 @@
                   "index": 0
                 },
                 "region": {
-                  "startLine": 41,
+                  "startLine": 42,
                   "startColumn": 43
                 }
               }
@@ -199,7 +199,7 @@
                   "index": 0
                 },
                 "region": {
-                  "startLine": 9,
+                  "startLine": 10,
                   "startColumn": 82
                 }
               }
@@ -224,7 +224,7 @@
                   "index": 0
                 },
                 "region": {
-                  "startLine": 13,
+                  "startLine": 14,
                   "startColumn": 69
                 }
               }
@@ -249,7 +249,7 @@
                   "index": 0
                 },
                 "region": {
-                  "startLine": 17,
+                  "startLine": 18,
                   "startColumn": 69
                 }
               }
@@ -274,7 +274,7 @@
                   "index": 0
                 },
                 "region": {
-                  "startLine": 23,
+                  "startLine": 24,
                   "startColumn": 69
                 }
               }
@@ -299,7 +299,7 @@
                   "index": 0
                 },
                 "region": {
-                  "startLine": 30,
+                  "startLine": 31,
                   "startColumn": 60
                 }
               }