Do not alias types

Michael B. Gale
2026-03-02 20:47:19 +00:00
parent 9a31859f78
commit b43d146e37
11 changed files with 185 additions and 190 deletions
+28 -28
@@ -112377,12 +112377,12 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) {
}
return uri;
}
async function addFingerprints(sarif, sourceRoot, logger) {
async function addFingerprints(sarifLog, sourceRoot, logger) {
logger.info(
`Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/code-security/reference/code-scanning/sarif-support-for-code-scanning#data-for-preventing-duplicated-alerts" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.`
);
const callbacksByFile = {};
for (const run2 of sarif.runs || []) {
for (const run2 of sarifLog.runs || []) {
const artifacts = run2.artifacts || [];
for (const result of run2.results || []) {
const primaryLocation = (result.locations || [])[0];
@@ -112422,7 +112422,7 @@ async function addFingerprints(sarif, sourceRoot, logger) {
};
await hash(teeCallback, filepath);
}
return sarif;
return sarifLog;
}
// src/init.ts
@@ -112678,9 +112678,9 @@ async function getGroupedSarifFilePaths(logger, sarifPath) {
}
return results;
}
function countResultsInSarif(sarif) {
function countResultsInSarif(sarifLog) {
let numResults = 0;
const parsedSarif = JSON.parse(sarif);
const parsedSarif = JSON.parse(sarifLog);
if (!Array.isArray(parsedSarif.runs)) {
throw new InvalidSarifUploadError("Invalid SARIF. Missing 'runs' array.");
}
@@ -112703,8 +112703,8 @@ function readSarifFile2(sarifFilePath) {
);
}
}
function validateSarifFileSchema(sarif, sarifFilePath, logger) {
if (areAllRunsProducedByCodeQL([sarif]) && // We want to validate CodeQL SARIF in testing environments.
function validateSarifFileSchema(sarifLog, sarifFilePath, logger) {
if (areAllRunsProducedByCodeQL([sarifLog]) && // We want to validate CodeQL SARIF in testing environments.
!getTestingEnvironment()) {
logger.debug(
`Skipping SARIF schema validation for ${sarifFilePath} as all runs are produced by CodeQL.`
@@ -112713,7 +112713,7 @@ function validateSarifFileSchema(sarif, sarifFilePath, logger) {
}
logger.info(`Validating ${sarifFilePath}`);
const schema2 = require_sarif_schema_2_1_0();
const result = new jsonschema2.Validator().validate(sarif, schema2);
const result = new jsonschema2.Validator().validate(sarifLog, schema2);
const warningAttributes = ["uri-reference", "uri"];
const errors = (result.errors ?? []).filter(
(err) => !(err.name === "format" && typeof err.argument === "string" && warningAttributes.includes(err.argument))
@@ -112776,14 +112776,14 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths, category, analysis) {
logger.info(`Post-processing sarif files: ${JSON.stringify(sarifPaths)}`);
const gitHubVersion = await getGitHubVersion();
let sarif;
let sarifLog;
category = analysis.fixCategory(logger, category);
if (sarifPaths.length > 1) {
for (const sarifPath of sarifPaths) {
const parsedSarif = readSarifFile2(sarifPath);
validateSarifFileSchema(parsedSarif, sarifPath, logger);
}
sarif = await combineSarifFilesUsingCLI(
sarifLog = await combineSarifFilesUsingCLI(
sarifPaths,
gitHubVersion,
features,
@@ -112791,21 +112791,21 @@ async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths,
);
} else {
const sarifPath = sarifPaths[0];
sarif = readSarifFile2(sarifPath);
validateSarifFileSchema(sarif, sarifPath, logger);
await throwIfCombineSarifFilesDisabled([sarif], gitHubVersion);
sarifLog = readSarifFile2(sarifPath);
validateSarifFileSchema(sarifLog, sarifPath, logger);
await throwIfCombineSarifFilesDisabled([sarifLog], gitHubVersion);
}
sarif = filterAlertsByDiffRange(logger, sarif);
sarif = await addFingerprints(sarif, checkoutPath, logger);
sarifLog = filterAlertsByDiffRange(logger, sarifLog);
sarifLog = await addFingerprints(sarifLog, checkoutPath, logger);
const analysisKey = await getAnalysisKey();
const environment = getRequiredInput("matrix");
sarif = populateRunAutomationDetails(
sarif,
sarifLog = populateRunAutomationDetails(
sarifLog,
category,
analysisKey,
environment
);
return { sarif, analysisKey, environment };
return { sarif: sarifLog, analysisKey, environment };
}
async function writePostProcessedFiles(logger, pathInput, uploadTarget, postProcessingResults) {
const outputPath = pathInput || getOptionalEnvVar("CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */);
@@ -112822,12 +112822,12 @@ async function writePostProcessedFiles(logger, pathInput, uploadTarget, postProc
}
async function uploadPostProcessedFiles(logger, checkoutPath, uploadTarget, postProcessingResults) {
logger.startGroup(`Uploading ${uploadTarget.name} results`);
const sarif = postProcessingResults.sarif;
const toolNames = getToolNames(sarif);
const sarifLog = postProcessingResults.sarif;
const toolNames = getToolNames(sarifLog);
logger.debug(`Validating that each SARIF run has a unique category`);
validateUniqueCategory(sarif, uploadTarget.sentinelPrefix);
validateUniqueCategory(sarifLog, uploadTarget.sentinelPrefix);
logger.debug(`Serializing SARIF for upload`);
const sarifPayload = JSON.stringify(sarif);
const sarifPayload = JSON.stringify(sarifLog);
logger.debug(`Compressing serialized SARIF`);
const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64");
const checkoutURI = url.pathToFileURL(checkoutPath).href;
@@ -112979,9 +112979,9 @@ function handleProcessingResultForUnsuccessfulExecution(response, status, logger
assertNever(status);
}
}
function validateUniqueCategory(sarif, sentinelPrefix) {
function validateUniqueCategory(sarifLog, sentinelPrefix) {
const categories = {};
for (const run2 of sarif.runs) {
for (const run2 of sarifLog.runs) {
const id = run2?.automationDetails?.id;
const tool = run2.tool?.driver?.name;
const category = `${sanitize(id)}_${sanitize(tool)}`;
@@ -113000,13 +113000,13 @@ function validateUniqueCategory(sarif, sentinelPrefix) {
function sanitize(str2) {
return (str2 ?? "_").replace(/[^a-zA-Z0-9_]/g, "_").toLocaleUpperCase();
}
function filterAlertsByDiffRange(logger, sarif) {
function filterAlertsByDiffRange(logger, sarifLog) {
const diffRanges = readDiffRangesJsonFile(logger);
if (!diffRanges?.length) {
return sarif;
return sarifLog;
}
const checkoutPath = getRequiredInput("checkout_path");
for (const run2 of sarif.runs) {
for (const run2 of sarifLog.runs) {
if (run2.results) {
run2.results = run2.results.filter((result) => {
const locations = [
@@ -113027,7 +113027,7 @@ function filterAlertsByDiffRange(logger, sarif) {
});
}
}
return sarif;
return sarifLog;
}
// src/upload-sarif.ts
+28 -28
@@ -169453,12 +169453,12 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) {
}
return uri;
}
async function addFingerprints(sarif, sourceRoot, logger) {
async function addFingerprints(sarifLog, sourceRoot, logger) {
logger.info(
`Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/code-security/reference/code-scanning/sarif-support-for-code-scanning#data-for-preventing-duplicated-alerts" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.`
);
const callbacksByFile = {};
for (const run3 of sarif.runs || []) {
for (const run3 of sarifLog.runs || []) {
const artifacts = run3.artifacts || [];
for (const result of run3.results || []) {
const primaryLocation = (result.locations || [])[0];
@@ -169498,7 +169498,7 @@ async function addFingerprints(sarif, sourceRoot, logger) {
};
await hash(teeCallback, filepath);
}
return sarif;
return sarifLog;
}
// src/init.ts
@@ -169723,9 +169723,9 @@ function getSarifFilePaths(sarifPath, isSarif) {
}
return sarifFiles;
}
function countResultsInSarif(sarif) {
function countResultsInSarif(sarifLog) {
let numResults = 0;
const parsedSarif = JSON.parse(sarif);
const parsedSarif = JSON.parse(sarifLog);
if (!Array.isArray(parsedSarif.runs)) {
throw new InvalidSarifUploadError("Invalid SARIF. Missing 'runs' array.");
}
@@ -169748,8 +169748,8 @@ function readSarifFile2(sarifFilePath) {
);
}
}
function validateSarifFileSchema(sarif, sarifFilePath, logger) {
if (areAllRunsProducedByCodeQL([sarif]) && // We want to validate CodeQL SARIF in testing environments.
function validateSarifFileSchema(sarifLog, sarifFilePath, logger) {
if (areAllRunsProducedByCodeQL([sarifLog]) && // We want to validate CodeQL SARIF in testing environments.
!getTestingEnvironment()) {
logger.debug(
`Skipping SARIF schema validation for ${sarifFilePath} as all runs are produced by CodeQL.`
@@ -169758,7 +169758,7 @@ function validateSarifFileSchema(sarif, sarifFilePath, logger) {
}
logger.info(`Validating ${sarifFilePath}`);
const schema2 = require_sarif_schema_2_1_0();
const result = new jsonschema2.Validator().validate(sarif, schema2);
const result = new jsonschema2.Validator().validate(sarifLog, schema2);
const warningAttributes = ["uri-reference", "uri"];
const errors = (result.errors ?? []).filter(
(err) => !(err.name === "format" && typeof err.argument === "string" && warningAttributes.includes(err.argument))
@@ -169821,14 +169821,14 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths, category, analysis) {
logger.info(`Post-processing sarif files: ${JSON.stringify(sarifPaths)}`);
const gitHubVersion = await getGitHubVersion();
let sarif;
let sarifLog;
category = analysis.fixCategory(logger, category);
if (sarifPaths.length > 1) {
for (const sarifPath of sarifPaths) {
const parsedSarif = readSarifFile2(sarifPath);
validateSarifFileSchema(parsedSarif, sarifPath, logger);
}
sarif = await combineSarifFilesUsingCLI(
sarifLog = await combineSarifFilesUsingCLI(
sarifPaths,
gitHubVersion,
features,
@@ -169836,21 +169836,21 @@ async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths,
);
} else {
const sarifPath = sarifPaths[0];
sarif = readSarifFile2(sarifPath);
validateSarifFileSchema(sarif, sarifPath, logger);
await throwIfCombineSarifFilesDisabled([sarif], gitHubVersion);
sarifLog = readSarifFile2(sarifPath);
validateSarifFileSchema(sarifLog, sarifPath, logger);
await throwIfCombineSarifFilesDisabled([sarifLog], gitHubVersion);
}
sarif = filterAlertsByDiffRange(logger, sarif);
sarif = await addFingerprints(sarif, checkoutPath, logger);
sarifLog = filterAlertsByDiffRange(logger, sarifLog);
sarifLog = await addFingerprints(sarifLog, checkoutPath, logger);
const analysisKey = await getAnalysisKey();
const environment = getRequiredInput("matrix");
sarif = populateRunAutomationDetails(
sarif,
sarifLog = populateRunAutomationDetails(
sarifLog,
category,
analysisKey,
environment
);
return { sarif, analysisKey, environment };
return { sarif: sarifLog, analysisKey, environment };
}
async function uploadFiles(inputSarifPath, checkoutPath, category, features, logger, uploadTarget) {
const sarifPaths = getSarifFilePaths(
@@ -169884,12 +169884,12 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
}
async function uploadPostProcessedFiles(logger, checkoutPath, uploadTarget, postProcessingResults) {
logger.startGroup(`Uploading ${uploadTarget.name} results`);
const sarif = postProcessingResults.sarif;
const toolNames = getToolNames(sarif);
const sarifLog = postProcessingResults.sarif;
const toolNames = getToolNames(sarifLog);
logger.debug(`Validating that each SARIF run has a unique category`);
validateUniqueCategory(sarif, uploadTarget.sentinelPrefix);
validateUniqueCategory(sarifLog, uploadTarget.sentinelPrefix);
logger.debug(`Serializing SARIF for upload`);
const sarifPayload = JSON.stringify(sarif);
const sarifPayload = JSON.stringify(sarifLog);
logger.debug(`Compressing serialized SARIF`);
const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64");
const checkoutURI = url.pathToFileURL(checkoutPath).href;
@@ -170026,9 +170026,9 @@ function handleProcessingResultForUnsuccessfulExecution(response, status, logger
assertNever(status);
}
}
function validateUniqueCategory(sarif, sentinelPrefix) {
function validateUniqueCategory(sarifLog, sentinelPrefix) {
const categories = {};
for (const run3 of sarif.runs) {
for (const run3 of sarifLog.runs) {
const id = run3?.automationDetails?.id;
const tool = run3.tool?.driver?.name;
const category = `${sanitize(id)}_${sanitize(tool)}`;
@@ -170047,13 +170047,13 @@ function validateUniqueCategory(sarif, sentinelPrefix) {
function sanitize(str2) {
return (str2 ?? "_").replace(/[^a-zA-Z0-9_]/g, "_").toLocaleUpperCase();
}
function filterAlertsByDiffRange(logger, sarif) {
function filterAlertsByDiffRange(logger, sarifLog) {
const diffRanges = readDiffRangesJsonFile(logger);
if (!diffRanges?.length) {
return sarif;
return sarifLog;
}
const checkoutPath = getRequiredInput("checkout_path");
for (const run3 of sarif.runs) {
for (const run3 of sarifLog.runs) {
if (run3.results) {
run3.results = run3.results.filter((result) => {
const locations = [
@@ -170074,7 +170074,7 @@ function filterAlertsByDiffRange(logger, sarif) {
});
}
}
return sarif;
return sarifLog;
}
// src/workflow.ts
+28 -28
@@ -110264,12 +110264,12 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) {
}
return uri;
}
async function addFingerprints(sarif, sourceRoot, logger) {
async function addFingerprints(sarifLog, sourceRoot, logger) {
logger.info(
`Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/code-security/reference/code-scanning/sarif-support-for-code-scanning#data-for-preventing-duplicated-alerts" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.`
);
const callbacksByFile = {};
for (const run of sarif.runs || []) {
for (const run of sarifLog.runs || []) {
const artifacts = run.artifacts || [];
for (const result of run.results || []) {
const primaryLocation = (result.locations || [])[0];
@@ -110309,7 +110309,7 @@ async function addFingerprints(sarif, sourceRoot, logger) {
};
await hash(teeCallback, filepath);
}
return sarif;
return sarifLog;
}
// src/init.ts
@@ -110582,9 +110582,9 @@ async function getGroupedSarifFilePaths(logger, sarifPath) {
}
return results;
}
function countResultsInSarif(sarif) {
function countResultsInSarif(sarifLog) {
let numResults = 0;
const parsedSarif = JSON.parse(sarif);
const parsedSarif = JSON.parse(sarifLog);
if (!Array.isArray(parsedSarif.runs)) {
throw new InvalidSarifUploadError("Invalid SARIF. Missing 'runs' array.");
}
@@ -110607,8 +110607,8 @@ function readSarifFile2(sarifFilePath) {
);
}
}
function validateSarifFileSchema(sarif, sarifFilePath, logger) {
if (areAllRunsProducedByCodeQL([sarif]) && // We want to validate CodeQL SARIF in testing environments.
function validateSarifFileSchema(sarifLog, sarifFilePath, logger) {
if (areAllRunsProducedByCodeQL([sarifLog]) && // We want to validate CodeQL SARIF in testing environments.
!getTestingEnvironment()) {
logger.debug(
`Skipping SARIF schema validation for ${sarifFilePath} as all runs are produced by CodeQL.`
@@ -110617,7 +110617,7 @@ function validateSarifFileSchema(sarif, sarifFilePath, logger) {
}
logger.info(`Validating ${sarifFilePath}`);
const schema2 = require_sarif_schema_2_1_0();
const result = new jsonschema2.Validator().validate(sarif, schema2);
const result = new jsonschema2.Validator().validate(sarifLog, schema2);
const warningAttributes = ["uri-reference", "uri"];
const errors = (result.errors ?? []).filter(
(err) => !(err.name === "format" && typeof err.argument === "string" && warningAttributes.includes(err.argument))
@@ -110680,14 +110680,14 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths, category, analysis) {
logger.info(`Post-processing sarif files: ${JSON.stringify(sarifPaths)}`);
const gitHubVersion = await getGitHubVersion();
let sarif;
let sarifLog;
category = analysis.fixCategory(logger, category);
if (sarifPaths.length > 1) {
for (const sarifPath of sarifPaths) {
const parsedSarif = readSarifFile2(sarifPath);
validateSarifFileSchema(parsedSarif, sarifPath, logger);
}
sarif = await combineSarifFilesUsingCLI(
sarifLog = await combineSarifFilesUsingCLI(
sarifPaths,
gitHubVersion,
features,
@@ -110695,21 +110695,21 @@ async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths,
);
} else {
const sarifPath = sarifPaths[0];
sarif = readSarifFile2(sarifPath);
validateSarifFileSchema(sarif, sarifPath, logger);
await throwIfCombineSarifFilesDisabled([sarif], gitHubVersion);
sarifLog = readSarifFile2(sarifPath);
validateSarifFileSchema(sarifLog, sarifPath, logger);
await throwIfCombineSarifFilesDisabled([sarifLog], gitHubVersion);
}
sarif = filterAlertsByDiffRange(logger, sarif);
sarif = await addFingerprints(sarif, checkoutPath, logger);
sarifLog = filterAlertsByDiffRange(logger, sarifLog);
sarifLog = await addFingerprints(sarifLog, checkoutPath, logger);
const analysisKey = await getAnalysisKey();
const environment = getRequiredInput("matrix");
sarif = populateRunAutomationDetails(
sarif,
sarifLog = populateRunAutomationDetails(
sarifLog,
category,
analysisKey,
environment
);
return { sarif, analysisKey, environment };
return { sarif: sarifLog, analysisKey, environment };
}
async function writePostProcessedFiles(logger, pathInput, uploadTarget, postProcessingResults) {
const outputPath = pathInput || getOptionalEnvVar("CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */);
@@ -110756,12 +110756,12 @@ async function uploadSpecifiedFiles(sarifPaths, checkoutPath, category, features
}
async function uploadPostProcessedFiles(logger, checkoutPath, uploadTarget, postProcessingResults) {
logger.startGroup(`Uploading ${uploadTarget.name} results`);
const sarif = postProcessingResults.sarif;
const toolNames = getToolNames(sarif);
const sarifLog = postProcessingResults.sarif;
const toolNames = getToolNames(sarifLog);
logger.debug(`Validating that each SARIF run has a unique category`);
validateUniqueCategory(sarif, uploadTarget.sentinelPrefix);
validateUniqueCategory(sarifLog, uploadTarget.sentinelPrefix);
logger.debug(`Serializing SARIF for upload`);
const sarifPayload = JSON.stringify(sarif);
const sarifPayload = JSON.stringify(sarifLog);
logger.debug(`Compressing serialized SARIF`);
const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64");
const checkoutURI = url.pathToFileURL(checkoutPath).href;
@@ -110913,9 +110913,9 @@ function handleProcessingResultForUnsuccessfulExecution(response, status, logger
assertNever(status);
}
}
function validateUniqueCategory(sarif, sentinelPrefix) {
function validateUniqueCategory(sarifLog, sentinelPrefix) {
const categories = {};
for (const run of sarif.runs) {
for (const run of sarifLog.runs) {
const id = run?.automationDetails?.id;
const tool = run.tool?.driver?.name;
const category = `${sanitize(id)}_${sanitize(tool)}`;
@@ -110934,13 +110934,13 @@ function validateUniqueCategory(sarif, sentinelPrefix) {
function sanitize(str2) {
return (str2 ?? "_").replace(/[^a-zA-Z0-9_]/g, "_").toLocaleUpperCase();
}
function filterAlertsByDiffRange(logger, sarif) {
function filterAlertsByDiffRange(logger, sarifLog) {
const diffRanges = readDiffRangesJsonFile(logger);
if (!diffRanges?.length) {
return sarif;
return sarifLog;
}
const checkoutPath = getRequiredInput("checkout_path");
for (const run of sarif.runs) {
for (const run of sarifLog.runs) {
if (run.results) {
run.results = run.results.filter((result) => {
const locations = [
@@ -110961,7 +110961,7 @@ function filterAlertsByDiffRange(logger, sarif) {
});
}
}
return sarif;
return sarifLog;
}
// Annotate the CommonJS export names for ESM import in node:
0 && (module.exports = {
+28 -28
@@ -110856,12 +110856,12 @@ function resolveUriToFile(location, artifacts, sourceRoot, logger) {
}
return uri;
}
async function addFingerprints(sarif, sourceRoot, logger) {
async function addFingerprints(sarifLog, sourceRoot, logger) {
logger.info(
`Adding fingerprints to SARIF file. See ${"https://docs.github.com/en/code-security/reference/code-scanning/sarif-support-for-code-scanning#data-for-preventing-duplicated-alerts" /* TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS */} for more information.`
);
const callbacksByFile = {};
for (const run2 of sarif.runs || []) {
for (const run2 of sarifLog.runs || []) {
const artifacts = run2.artifacts || [];
for (const result of run2.results || []) {
const primaryLocation = (result.locations || [])[0];
@@ -110901,7 +110901,7 @@ async function addFingerprints(sarif, sourceRoot, logger) {
};
await hash(teeCallback, filepath);
}
return sarif;
return sarifLog;
}
// src/init.ts
@@ -111157,9 +111157,9 @@ async function getGroupedSarifFilePaths(logger, sarifPath) {
}
return results;
}
function countResultsInSarif(sarif) {
function countResultsInSarif(sarifLog) {
let numResults = 0;
const parsedSarif = JSON.parse(sarif);
const parsedSarif = JSON.parse(sarifLog);
if (!Array.isArray(parsedSarif.runs)) {
throw new InvalidSarifUploadError("Invalid SARIF. Missing 'runs' array.");
}
@@ -111182,8 +111182,8 @@ function readSarifFile2(sarifFilePath) {
);
}
}
function validateSarifFileSchema(sarif, sarifFilePath, logger) {
if (areAllRunsProducedByCodeQL([sarif]) && // We want to validate CodeQL SARIF in testing environments.
function validateSarifFileSchema(sarifLog, sarifFilePath, logger) {
if (areAllRunsProducedByCodeQL([sarifLog]) && // We want to validate CodeQL SARIF in testing environments.
!getTestingEnvironment()) {
logger.debug(
`Skipping SARIF schema validation for ${sarifFilePath} as all runs are produced by CodeQL.`
@@ -111192,7 +111192,7 @@ function validateSarifFileSchema(sarif, sarifFilePath, logger) {
}
logger.info(`Validating ${sarifFilePath}`);
const schema2 = require_sarif_schema_2_1_0();
const result = new jsonschema2.Validator().validate(sarif, schema2);
const result = new jsonschema2.Validator().validate(sarifLog, schema2);
const warningAttributes = ["uri-reference", "uri"];
const errors = (result.errors ?? []).filter(
(err) => !(err.name === "format" && typeof err.argument === "string" && warningAttributes.includes(err.argument))
@@ -111255,14 +111255,14 @@ function buildPayload(commitOid, ref, analysisKey, analysisName, zippedSarif, wo
async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths, category, analysis) {
logger.info(`Post-processing sarif files: ${JSON.stringify(sarifPaths)}`);
const gitHubVersion = await getGitHubVersion();
let sarif;
let sarifLog;
category = analysis.fixCategory(logger, category);
if (sarifPaths.length > 1) {
for (const sarifPath of sarifPaths) {
const parsedSarif = readSarifFile2(sarifPath);
validateSarifFileSchema(parsedSarif, sarifPath, logger);
}
sarif = await combineSarifFilesUsingCLI(
sarifLog = await combineSarifFilesUsingCLI(
sarifPaths,
gitHubVersion,
features,
@@ -111270,21 +111270,21 @@ async function postProcessSarifFiles(logger, features, checkoutPath, sarifPaths,
);
} else {
const sarifPath = sarifPaths[0];
sarif = readSarifFile2(sarifPath);
validateSarifFileSchema(sarif, sarifPath, logger);
await throwIfCombineSarifFilesDisabled([sarif], gitHubVersion);
sarifLog = readSarifFile2(sarifPath);
validateSarifFileSchema(sarifLog, sarifPath, logger);
await throwIfCombineSarifFilesDisabled([sarifLog], gitHubVersion);
}
sarif = filterAlertsByDiffRange(logger, sarif);
sarif = await addFingerprints(sarif, checkoutPath, logger);
sarifLog = filterAlertsByDiffRange(logger, sarifLog);
sarifLog = await addFingerprints(sarifLog, checkoutPath, logger);
const analysisKey = await getAnalysisKey();
const environment = getRequiredInput("matrix");
sarif = populateRunAutomationDetails(
sarif,
sarifLog = populateRunAutomationDetails(
sarifLog,
category,
analysisKey,
environment
);
return { sarif, analysisKey, environment };
return { sarif: sarifLog, analysisKey, environment };
}
async function writePostProcessedFiles(logger, pathInput, uploadTarget, postProcessingResults) {
const outputPath = pathInput || getOptionalEnvVar("CODEQL_ACTION_SARIF_DUMP_DIR" /* SARIF_DUMP_DIR */);
@@ -111301,12 +111301,12 @@ async function writePostProcessedFiles(logger, pathInput, uploadTarget, postProc
}
async function uploadPostProcessedFiles(logger, checkoutPath, uploadTarget, postProcessingResults) {
logger.startGroup(`Uploading ${uploadTarget.name} results`);
const sarif = postProcessingResults.sarif;
const toolNames = getToolNames(sarif);
const sarifLog = postProcessingResults.sarif;
const toolNames = getToolNames(sarifLog);
logger.debug(`Validating that each SARIF run has a unique category`);
validateUniqueCategory(sarif, uploadTarget.sentinelPrefix);
validateUniqueCategory(sarifLog, uploadTarget.sentinelPrefix);
logger.debug(`Serializing SARIF for upload`);
const sarifPayload = JSON.stringify(sarif);
const sarifPayload = JSON.stringify(sarifLog);
logger.debug(`Compressing serialized SARIF`);
const zippedSarif = import_zlib.default.gzipSync(sarifPayload).toString("base64");
const checkoutURI = url.pathToFileURL(checkoutPath).href;
@@ -111458,9 +111458,9 @@ function handleProcessingResultForUnsuccessfulExecution(response, status, logger
assertNever(status);
}
}
function validateUniqueCategory(sarif, sentinelPrefix) {
function validateUniqueCategory(sarifLog, sentinelPrefix) {
const categories = {};
for (const run2 of sarif.runs) {
for (const run2 of sarifLog.runs) {
const id = run2?.automationDetails?.id;
const tool = run2.tool?.driver?.name;
const category = `${sanitize(id)}_${sanitize(tool)}`;
@@ -111479,13 +111479,13 @@ function validateUniqueCategory(sarif, sentinelPrefix) {
function sanitize(str2) {
return (str2 ?? "_").replace(/[^a-zA-Z0-9_]/g, "_").toLocaleUpperCase();
}
function filterAlertsByDiffRange(logger, sarif) {
function filterAlertsByDiffRange(logger, sarifLog) {
const diffRanges = readDiffRangesJsonFile(logger);
if (!diffRanges?.length) {
return sarif;
return sarifLog;
}
const checkoutPath = getRequiredInput("checkout_path");
for (const run2 of sarif.runs) {
for (const run2 of sarifLog.runs) {
if (run2.results) {
run2.results = run2.results.filter((result) => {
const locations = [
@@ -111506,7 +111506,7 @@ function filterAlertsByDiffRange(logger, sarif) {
});
}
}
return sarif;
return sarifLog;
}
// src/upload-sarif.ts
+2 -1
@@ -25,6 +25,7 @@ import { FeatureEnablement, Feature } from "./feature-flags";
import { KnownLanguage, Language } from "./languages";
import { Logger, withGroupAsync } from "./logging";
import { OverlayDatabaseMode } from "./overlay";
import type * as sarif from "./sarif";
import { DatabaseCreationTimings, EventReport } from "./status-report";
import { endTracingForCluster } from "./tracer-config";
import * as util from "./util";
@@ -594,7 +595,7 @@ export async function runQueries(
function getPerQueryAlertCounts(sarifPath: string): Record<string, number> {
const sarifObject = JSON.parse(
fs.readFileSync(sarifPath, "utf8"),
) as util.SarifFile;
) as sarif.Log;
// We do not need to compute fingerprints because we are not sending data based off of locations.
// Generate the query: alert count object
+3 -2
@@ -6,6 +6,7 @@ import test from "ava";
import * as fingerprints from "./fingerprints";
import { getRunnerLogger } from "./logging";
import * as sarif from "./sarif";
import { setupTests } from "./testing-utils";
import * as util from "./util";
@@ -201,7 +202,7 @@ test("addFingerprints", async (t) => {
fs
.readFileSync(`${__dirname}/../src/testdata/fingerprinting.input.sarif`)
.toString(),
) as util.SarifFile;
) as sarif.Log;
const expected = JSON.parse(
fs
.readFileSync(
@@ -229,7 +230,7 @@ test("missingRegions", async (t) => {
fs
.readFileSync(`${__dirname}/../src/testdata/fingerprinting2.input.sarif`)
.toString(),
) as util.SarifFile;
) as sarif.Log;
const expected = JSON.parse(
fs
.readFileSync(
+6 -6
@@ -5,7 +5,7 @@ import Long from "long";
import { DocUrl } from "./doc-url";
import { Logger } from "./logging";
import { SarifFile, SarifResult } from "./util";
import type * as sarif from "./sarif";
const tab = "\t".charCodeAt(0);
const space = " ".charCodeAt(0);
@@ -138,7 +138,7 @@ export async function hash(callback: hashCallback, filepath: string) {
// Generate a hash callback function that updates the given result in-place
// when it receives a hash for the correct line number. Ignores hashes for other lines.
function locationUpdateCallback(
result: SarifResult,
result: sarif.Result,
location: any,
logger: Logger,
): hashCallback {
@@ -256,17 +256,17 @@ export function resolveUriToFile(
// Compute fingerprints for results in the given sarif file
// and return an updated sarif file contents.
export async function addFingerprints(
sarif: SarifFile,
sarifLog: sarif.Log,
sourceRoot: string,
logger: Logger,
): Promise<SarifFile> {
): Promise<sarif.Log> {
logger.info(
`Adding fingerprints to SARIF file. See ${DocUrl.TRACK_CODE_SCANNING_ALERTS_ACROSS_RUNS} for more information.`,
);
// Gather together results for the same file and construct
// callbacks to accept hashes for that file and update the location
const callbacksByFile: { [filename: string]: hashCallback[] } = {};
for (const run of sarif.runs || []) {
for (const run of sarifLog.runs || []) {
// We may need the list of artifacts to resolve against
const artifacts = run.artifacts || [];
@@ -316,5 +316,5 @@ export async function addFingerprints(
await hash(teeCallback, filepath);
}
return sarif;
return sarifLog;
}
+2 -2
@@ -4,7 +4,7 @@ import test from "ava";
import { setupTests } from "../testing-utils";
import { getToolNames, type SarifFile } from ".";
import { getToolNames, type Log } from ".";
setupTests(test);
@@ -13,6 +13,6 @@ test("getToolNames", (t) => {
`${__dirname}/../../src/testdata/tool-names.sarif`,
"utf8",
);
const toolNames = getToolNames(JSON.parse(input) as SarifFile);
const toolNames = getToolNames(JSON.parse(input) as Log);
t.deepEqual(toolNames, ["CodeQL command-line toolchain", "ESLint"]);
});
+10 -16
@@ -4,16 +4,10 @@ import { Logger } from "../logging";
import * as sarif from "sarif";
// Re-export some types with other names for backwards-compatibility
export type SarifLocation = sarif.Location;
export type SarifNotification = sarif.Notification;
export type SarifInvocation = sarif.Invocation;
export type SarifResult = sarif.Result;
export type SarifRun = sarif.Run;
export type SarifFile = sarif.Log;
export type * from "sarif";
// `automationId` is non-standard.
export type SarifRunKey = sarif.ToolComponent & {
export type RunKey = sarif.ToolComponent & {
automationId: string | undefined;
};
@@ -27,7 +21,7 @@ export class InvalidSarifUploadError extends Error {}
*
* Returns an array of unique string tool names.
*/
export function getToolNames(sarifFile: SarifFile): string[] {
export function getToolNames(sarifFile: sarif.Log): string[] {
const toolNames = {};
for (const run of sarifFile.runs || []) {
@@ -41,8 +35,8 @@ export function getToolNames(sarifFile: SarifFile): string[] {
return Object.keys(toolNames);
}
export function readSarifFile(sarifFilePath: string): SarifFile {
return JSON.parse(fs.readFileSync(sarifFilePath, "utf8")) as SarifFile;
export function readSarifFile(sarifFilePath: string): sarif.Log {
return JSON.parse(fs.readFileSync(sarifFilePath, "utf8")) as sarif.Log;
}
// Takes a list of paths to sarif files and combines them together,
@@ -50,9 +44,9 @@ export function readSarifFile(sarifFilePath: string): SarifFile {
export function combineSarifFiles(
sarifFiles: string[],
logger: Logger,
): SarifFile {
): sarif.Log {
logger.info(`Loading SARIF file(s)`);
const combinedSarif: SarifFile = {
const combinedSarif: sarif.Log = {
version: "2.1.0",
runs: [],
};
@@ -79,7 +73,7 @@ export function combineSarifFiles(
* Checks whether all the runs in the given SARIF files were produced by CodeQL.
* @param sarifObjects The list of SARIF objects to check.
*/
export function areAllRunsProducedByCodeQL(sarifObjects: SarifFile[]): boolean {
export function areAllRunsProducedByCodeQL(sarifObjects: sarif.Log[]): boolean {
return sarifObjects.every((sarifObject) => {
return sarifObject.runs?.every(
(run) => run.tool?.driver?.name === "CodeQL",
@@ -87,7 +81,7 @@ export function areAllRunsProducedByCodeQL(sarifObjects: SarifFile[]): boolean {
});
}
function createRunKey(run: SarifRun): SarifRunKey {
function createRunKey(run: sarif.Run): RunKey {
return {
name: run.tool?.driver?.name,
fullName: run.tool?.driver?.fullName,
@@ -103,7 +97,7 @@ function createRunKey(run: SarifRun): SarifRunKey {
* criteria used by Code Scanning to determine analysis categories).
* @param sarifObjects The list of SARIF objects to check.
*/
export function areAllRunsUnique(sarifObjects: SarifFile[]): boolean {
export function areAllRunsUnique(sarifObjects: sarif.Log[]): boolean {
const keys = new Set<string>();
for (const sarifObject of sarifObjects) {
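Review bot: `readSarifFile` still returns `JSON.parse(...) as sarif.Log` (the rewritten line in the `@@ -41,8 +35,8 @@` hunk), so the assertion gives the parsed value a `sarif.Log` type without checking that `runs` or any other field is actually present; the only guarantee the function provides is that the file is syntactically valid JSON. Since the signature is being rewritten anyway, a TSDoc should make that contract explicit for callers, e.g. `/** Reads and parses a SARIF file. The result is type-asserted, not validated; callers must run it through a schema check (e.g. validateSarifFileSchema) before relying on its shape. */`. The `export type * from "sarif"` line also replaces the former hand-written alias list, so any consumer that imported the removed `SarifFile`/`SarifRun` names from this module now has to switch to the upstream names; a one-line comment above the re-export stating that intent would help the next reader understand why the aliases disappeared.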
+12 -16
@@ -10,15 +10,11 @@ import * as analyses from "./analyses";
import { AnalysisKind, CodeQuality, CodeScanning } from "./analyses";
import * as api from "./api-client";
import { getRunnerLogger, Logger } from "./logging";
import * as sarif from "./sarif";
import { setupTests } from "./testing-utils";
import * as uploadLib from "./upload-lib";
import { UploadPayload } from "./upload-lib/types";
import {
GitHubVariant,
initializeEnvironment,
SarifFile,
withTmpDir,
} from "./util";
import { GitHubVariant, initializeEnvironment, withTmpDir } from "./util";
setupTests(test);
@@ -268,13 +264,13 @@ test("getGroupedSarifFilePaths - Other file", async (t) => {
test("populateRunAutomationDetails", (t) => {
const tool = { driver: { name: "test tool" } };
let sarif: SarifFile = {
let sarifLog: sarif.Log = {
version: "2.1.0",
runs: [{ tool }],
};
const analysisKey = ".github/workflows/codeql-analysis.yml:analyze";
let expectedSarif: SarifFile = {
let expectedSarif: sarif.Log = {
version: "2.1.0",
runs: [
{ tool, automationDetails: { id: "language:javascript/os:linux/" } },
@@ -283,7 +279,7 @@ test("populateRunAutomationDetails", (t) => {
// Category has priority over analysis_key/environment
let modifiedSarif = uploadLib.populateRunAutomationDetails(
sarif,
sarifLog,
"language:javascript/os:linux",
analysisKey,
'{"language": "other", "os": "other"}',
@@ -292,7 +288,7 @@ test("populateRunAutomationDetails", (t) => {
// It doesn't matter if the category has a slash at the end or not
modifiedSarif = uploadLib.populateRunAutomationDetails(
sarif,
sarifLog,
"language:javascript/os:linux/",
analysisKey,
"",
@@ -300,7 +296,7 @@ test("populateRunAutomationDetails", (t) => {
t.deepEqual(modifiedSarif, expectedSarif);
// check that the automation details doesn't get overwritten
sarif = {
sarifLog = {
version: "2.1.0",
runs: [{ tool, automationDetails: { id: "my_id" } }],
};
@@ -309,7 +305,7 @@ test("populateRunAutomationDetails", (t) => {
runs: [{ tool, automationDetails: { id: "my_id" } }],
};
modifiedSarif = uploadLib.populateRunAutomationDetails(
sarif,
sarifLog,
undefined,
analysisKey,
'{"os": "linux", "language": "javascript"}',
@@ -317,7 +313,7 @@ test("populateRunAutomationDetails", (t) => {
t.deepEqual(modifiedSarif, expectedSarif);
// check multiple runs
sarif = {
sarifLog = {
version: "2.1.0",
runs: [{ tool, automationDetails: { id: "my_id" } }, { tool }],
};
@@ -334,7 +330,7 @@ test("populateRunAutomationDetails", (t) => {
],
};
modifiedSarif = uploadLib.populateRunAutomationDetails(
sarif,
sarifLog,
undefined,
analysisKey,
'{"os": "linux", "language": "javascript"}',
@@ -570,7 +566,7 @@ test("validateUniqueCategory for multiple runs", (t) => {
const sarif2 = createMockSarif("ghi", "jkl");
// duplicate categories are allowed within the same sarif file
const multiSarif: SarifFile = {
const multiSarif: sarif.Log = {
version: "2.1.0",
runs: [sarif1.runs[0], sarif1.runs[0], sarif2.runs[0]],
};
@@ -903,7 +899,7 @@ test("shouldConsiderInvalidRequest returns correct recognises processing errors"
t.false(uploadLib.shouldConsiderInvalidRequest(error3));
});
function createMockSarif(id?: string, tool?: string): SarifFile {
function createMockSarif(id?: string, tool?: string): sarif.Log {
return {
version: "2.1.0",
runs: [
+38 -35
@@ -21,7 +21,7 @@ import * as gitUtils from "./git-utils";
import { initCodeQL } from "./init";
import { Logger } from "./logging";
import { getRepositoryNwo, RepositoryNwo } from "./repository";
import type { SarifFile } from "./sarif";
import * as sarif from "./sarif";
import {
areAllRunsProducedByCodeQL,
areAllRunsUnique,
@@ -46,7 +46,7 @@ const GENERIC_404_MSG =
// Checks whether the deprecation warning for combining SARIF files should be shown.
export async function shouldShowCombineSarifFilesDeprecationWarning(
sarifObjects: util.SarifFile[],
sarifObjects: sarif.Log[],
githubVersion: GitHubVersion,
) {
// Do not show this warning on GHES versions before 3.14.0
@@ -66,7 +66,7 @@ export async function shouldShowCombineSarifFilesDeprecationWarning(
}
export async function throwIfCombineSarifFilesDisabled(
sarifObjects: util.SarifFile[],
sarifObjects: sarif.Log[],
githubVersion: GitHubVersion,
) {
if (!(await shouldDisableCombineSarifFiles(sarifObjects, githubVersion))) {
@@ -83,7 +83,7 @@ export async function throwIfCombineSarifFilesDisabled(
// Checks whether combining SARIF files should be disabled.
async function shouldDisableCombineSarifFiles(
sarifObjects: util.SarifFile[],
sarifObjects: sarif.Log[],
githubVersion: GitHubVersion,
) {
if (githubVersion.type === GitHubVariant.GHES) {
@@ -112,7 +112,7 @@ async function combineSarifFilesUsingCLI(
gitHubVersion: GitHubVersion,
features: FeatureEnablement,
logger: Logger,
): Promise<SarifFile> {
): Promise<sarif.Log> {
logger.info("Combining SARIF files using the CodeQL CLI");
const sarifObjects = sarifFiles.map(util.readSarifFile);
@@ -203,11 +203,11 @@ async function combineSarifFilesUsingCLI(
// Populates the run.automationDetails.id field using the analysis_key and environment
// and return an updated sarif file contents.
export function populateRunAutomationDetails(
sarifFile: SarifFile,
sarifFile: sarif.Log,
category: string | undefined,
analysis_key: string,
environment: string | undefined,
): SarifFile {
): sarif.Log {
const automationID = getAutomationID(category, analysis_key, environment);
if (automationID !== undefined) {
@@ -429,9 +429,9 @@ export async function getGroupedSarifFilePaths(
}
// Counts the number of results in the given SARIF file
function countResultsInSarif(sarif: string): number {
function countResultsInSarif(sarifLog: string): number {
let numResults = 0;
const parsedSarif = JSON.parse(sarif);
const parsedSarif = JSON.parse(sarifLog);
if (!Array.isArray(parsedSarif.runs)) {
throw new InvalidSarifUploadError("Invalid SARIF. Missing 'runs' array.");
}
@@ -447,9 +447,9 @@ function countResultsInSarif(sarif: string): number {
return numResults;
}
export function readSarifFile(sarifFilePath: string): SarifFile {
export function readSarifFile(sarifFilePath: string): sarif.Log {
try {
return util.readSarifFile(sarifFilePath);
return sarif.readSarifFile(sarifFilePath);
} catch (e) {
throw new InvalidSarifUploadError(
`Invalid SARIF. JSON syntax error: ${getErrorMessage(e)}`,
@@ -460,12 +460,12 @@ export function readSarifFile(sarifFilePath: string): SarifFile {
// Validates the given SARIF object and throws an error if the SARIF object is invalid.
// The file path is only used in error messages to improve clarity.
export function validateSarifFileSchema(
sarif: SarifFile,
sarifLog: sarif.Log,
sarifFilePath: string,
logger: Logger,
) {
if (
areAllRunsProducedByCodeQL([sarif]) &&
areAllRunsProducedByCodeQL([sarifLog]) &&
// We want to validate CodeQL SARIF in testing environments.
!util.getTestingEnvironment()
) {
@@ -479,7 +479,7 @@ export function validateSarifFileSchema(
// eslint-disable-next-line @typescript-eslint/no-require-imports
const schema = require("../src/sarif-schema-2.1.0.json") as jsonschema.Schema;
const result = new jsonschema.Validator().validate(sarif, schema);
const result = new jsonschema.Validator().validate(sarifLog, schema);
// Filter errors related to invalid URIs in the artifactLocation field as this
// is a breaking change. See https://github.com/github/codeql-action/issues/1703
const warningAttributes = ["uri-reference", "uri"];
@@ -581,7 +581,7 @@ export function buildPayload(
}
export interface PostProcessingResults {
sarif: util.SarifFile;
sarif: sarif.Log;
analysisKey: string;
environment: string;
}
@@ -611,7 +611,7 @@ export async function postProcessSarifFiles(
const gitHubVersion = await getGitHubVersion();
let sarif: SarifFile;
let sarifLog: sarif.Log;
category = analysis.fixCategory(logger, category);
if (sarifPaths.length > 1) {
@@ -621,7 +621,7 @@ export async function postProcessSarifFiles(
validateSarifFileSchema(parsedSarif, sarifPath, logger);
}
sarif = await combineSarifFilesUsingCLI(
sarifLog = await combineSarifFilesUsingCLI(
sarifPaths,
gitHubVersion,
features,
@@ -629,26 +629,26 @@ export async function postProcessSarifFiles(
);
} else {
const sarifPath = sarifPaths[0];
sarif = readSarifFile(sarifPath);
validateSarifFileSchema(sarif, sarifPath, logger);
sarifLog = readSarifFile(sarifPath);
validateSarifFileSchema(sarifLog, sarifPath, logger);
// Validate that there are no runs for the same category
await throwIfCombineSarifFilesDisabled([sarif], gitHubVersion);
await throwIfCombineSarifFilesDisabled([sarifLog], gitHubVersion);
}
sarif = filterAlertsByDiffRange(logger, sarif);
sarif = await fingerprints.addFingerprints(sarif, checkoutPath, logger);
sarifLog = filterAlertsByDiffRange(logger, sarifLog);
sarifLog = await fingerprints.addFingerprints(sarifLog, checkoutPath, logger);
const analysisKey = await api.getAnalysisKey();
const environment = actionsUtil.getRequiredInput("matrix");
sarif = populateRunAutomationDetails(
sarif,
sarifLog = populateRunAutomationDetails(
sarifLog,
category,
analysisKey,
environment,
);
return { sarif, analysisKey, environment };
return { sarif: sarifLog, analysisKey, environment };
}
/**
@@ -754,13 +754,13 @@ export async function uploadPostProcessedFiles(
): Promise<UploadResult> {
logger.startGroup(`Uploading ${uploadTarget.name} results`);
const sarif = postProcessingResults.sarif;
const toolNames = util.getToolNames(sarif);
const sarifLog = postProcessingResults.sarif;
const toolNames = util.getToolNames(sarifLog);
logger.debug(`Validating that each SARIF run has a unique category`);
validateUniqueCategory(sarif, uploadTarget.sentinelPrefix);
validateUniqueCategory(sarifLog, uploadTarget.sentinelPrefix);
logger.debug(`Serializing SARIF for upload`);
const sarifPayload = JSON.stringify(sarif);
const sarifPayload = JSON.stringify(sarifLog);
logger.debug(`Compressing serialized SARIF`);
const zippedSarif = zlib.gzipSync(sarifPayload).toString("base64");
@@ -1003,14 +1003,14 @@ function handleProcessingResultForUnsuccessfulExecution(
}
export function validateUniqueCategory(
sarif: SarifFile,
sarifLog: sarif.Log,
sentinelPrefix: string,
): void {
// duplicate categories are allowed in the same sarif file
// but not across multiple sarif files
const categories = {} as Record<string, { id?: string; tool?: string }>;
for (const run of sarif.runs) {
for (const run of sarifLog.runs) {
const id = run?.automationDetails?.id;
const tool = run.tool?.driver?.name;
const category = `${sanitize(id)}_${sanitize(tool)}`;
@@ -1045,15 +1045,18 @@ function sanitize(str?: string) {
return (str ?? "_").replace(/[^a-zA-Z0-9_]/g, "_").toLocaleUpperCase();
}
function filterAlertsByDiffRange(logger: Logger, sarif: SarifFile): SarifFile {
function filterAlertsByDiffRange(
logger: Logger,
sarifLog: sarif.Log,
): sarif.Log {
const diffRanges = readDiffRangesJsonFile(logger);
if (!diffRanges?.length) {
return sarif;
return sarifLog;
}
const checkoutPath = actionsUtil.getRequiredInput("checkout_path");
for (const run of sarif.runs) {
for (const run of sarifLog.runs) {
if (run.results) {
run.results = run.results.filter((result) => {
const locations = [
@@ -1089,5 +1092,5 @@ function filterAlertsByDiffRange(logger: Logger, sarif: SarifFile): SarifFile {
}
}
return sarif;
return sarifLog;
}
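Review bot: In `countResultsInSarif` the parameter is renamed to `sarifLog` but its type is `string` and the body immediately does `JSON.parse(sarifLog)`, so the name now collides with the convention used everywhere else in this file, where `sarifLog` is a parsed `sarif.Log`. A name that says what it holds, such as `function countResultsInSarif(sarifJson: string): number {` with `const parsedSarif = JSON.parse(sarifJson);`, avoids a reader assuming the value is already structured. The rename appears driven by the new `import * as sarif from "./sarif"` shadowing the old `sarif` parameter, which is the right fix for the shadowing; only the chosen name is misleading. Relatedly, `PostProcessingResults.sarif` keeps the old field name while every local was renamed, which is fine for callers but worth a short comment on the interface so the mismatch with `sarifLog` does not look accidental.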