mirror of
https://github.com/github/codeql-action
synced 2026-05-22 00:00:34 +03:00
Apply suggestions from code review
Co-authored-by: Henry Mercer <henrymercer@github.com>
This commit is contained in:
Nick Fyson
Generated
+1
-1
@@ -238,7 +238,7 @@ exports.resolveUriToFile = resolveUriToFile;
|
||||
// Compute fingerprints for results in the given sarif file
|
||||
// and return an updated sarif file contents.
|
||||
async function addFingerprints(sarif, sourceRoot, logger) {
|
||||
logger.info(`Adding fingerprints to SARIF file`);
|
||||
logger.info("Adding fingerprints to SARIF file. For more information, see https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs");
|
||||
// Gather together results for the same file and construct
|
||||
// callbacks to accept hashes for that file and update the location
|
||||
const callbacksByFile = {};
|
||||
|
||||
File diff suppressed because one or more lines are too long
Generated
+5
-5
@@ -85,7 +85,7 @@ function areAllRunsProducedByCodeQL(sarifFiles) {
|
||||
// CodeQL. Otherwise, it will fall back to combining the files in the action.
|
||||
// Returns the contents of the combined sarif file.
|
||||
async function combineSarifFilesUsingCLI(sarifFiles, gitHubVersion, features, logger) {
|
||||
logger.info(`Combining sarif files using CLI`);
|
||||
logger.info("Combining SARIF files using the CodeQL CLI");
|
||||
if (sarifFiles.length === 1) {
|
||||
return JSON.parse(fs.readFileSync(sarifFiles[0], "utf8"));
|
||||
}
|
||||
@@ -291,7 +291,7 @@ exports.validateSarifFileSchema = validateSarifFileSchema;
|
||||
// buildPayload constructs a map ready to be uploaded to the API from the given
|
||||
// parameters, respecting the current mode and target GitHub instance version.
|
||||
function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, workflowRunAttempt, checkoutURI, environment, toolNames, mergeBaseCommitOid, logger) {
|
||||
logger.info(`Combining sarif files using CLI`);
|
||||
logger.info(`Combining SARIF files using CLI`);
|
||||
const payloadObj = {
|
||||
commit_oid: commitOid,
|
||||
ref,
|
||||
@@ -345,11 +345,11 @@ async function uploadFiles(sarifFiles, repositoryNwo, commitOid, ref, analysisKe
|
||||
sarif = await fingerprints.addFingerprints(sarif, sourceRoot, logger);
|
||||
sarif = populateRunAutomationDetails(sarif, category, analysisKey, environment);
|
||||
const toolNames = util.getToolNames(sarif);
|
||||
logger.debug(`Validating unique category in sarif`);
|
||||
logger.debug(`Validating that each SARIF run has a unique category`);
|
||||
validateUniqueCategory(sarif);
|
||||
logger.debug(`Stringifying sarif for upload`);
|
||||
logger.debug(`Serializing SARIF for upload`);
|
||||
const sarifPayload = JSON.stringify(sarif);
|
||||
logger.debug(`Compressing sarif payload`);
|
||||
logger.debug(`Compressing serialized SARIF`);
|
||||
const zippedSarif = zlib_1.default.gzipSync(sarifPayload).toString("base64");
|
||||
const checkoutURI = (0, file_url_1.default)(sourceRoot);
|
||||
const payload = buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, workflowRunID, workflowRunAttempt, checkoutURI, environment, toolNames, await actionsUtil.determineMergeBaseCommitOid(), logger);
|
||||
|
||||
File diff suppressed because one or more lines are too long
+1
-1
@@ -259,7 +259,7 @@ export async function addFingerprints(
|
||||
sourceRoot: string,
|
||||
logger: Logger,
|
||||
): Promise<SarifFile> {
|
||||
logger.info(`Adding fingerprints to SARIF file`);
|
||||
logger.info("Adding fingerprints to SARIF file. For more information, see https://docs.github.com/en/enterprise-cloud@latest/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#providing-data-to-track-code-scanning-alerts-across-runs");
|
||||
// Gather together results for the same file and construct
|
||||
// callbacks to accept hashes for that file and update the location
|
||||
const callbacksByFile: { [filename: string]: hashCallback[] } = {};
|
||||
|
||||
+5
-5
@@ -88,7 +88,7 @@ async function combineSarifFilesUsingCLI(
|
||||
features: Features,
|
||||
logger: Logger,
|
||||
): Promise<SarifFile> {
|
||||
logger.info(`Combining sarif files using CLI`);
|
||||
logger.info("Combining SARIF files using the CodeQL CLI");
|
||||
if (sarifFiles.length === 1) {
|
||||
return JSON.parse(fs.readFileSync(sarifFiles[0], "utf8")) as SarifFile;
|
||||
}
|
||||
@@ -420,7 +420,7 @@ export function buildPayload(
|
||||
mergeBaseCommitOid: string | undefined,
|
||||
logger: Logger,
|
||||
) {
|
||||
logger.info(`Combining sarif files using CLI`);
|
||||
logger.info(`Combining SARIF files using CLI`);
|
||||
const payloadObj = {
|
||||
commit_oid: commitOid,
|
||||
ref,
|
||||
@@ -514,11 +514,11 @@ async function uploadFiles(
|
||||
|
||||
const toolNames = util.getToolNames(sarif);
|
||||
|
||||
logger.debug(`Validating unique category in sarif`);
|
||||
logger.debug(`Validating that each SARIF run has a unique category`);
|
||||
validateUniqueCategory(sarif);
|
||||
logger.debug(`Stringifying sarif for upload`);
|
||||
logger.debug(`Serializing SARIF for upload`);
|
||||
const sarifPayload = JSON.stringify(sarif);
|
||||
logger.debug(`Compressing sarif payload`);
|
||||
logger.debug(`Compressing serialized SARIF`);
|
||||
const zippedSarif = zlib.gzipSync(sarifPayload).toString("base64");
|
||||
const checkoutURI = fileUrl(sourceRoot);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user