Merge pull request #345 from codacy/fix/severity-sarif

Francisco Duarte · web-flow · commit af1514d6911a · 2021-02-22T11:24:52.000Z
fix: Fix severity level in Sarif CY-3724
diff --git a/cli/src/main/scala/com/codacy/analysis/cli/analysis/AnalyseExecutor.scala b/cli/src/main/scala/com/codacy/analysis/cli/analysis/AnalyseExecutor.scala
@@ -67,6 +67,7 @@ class AnalyseExecutor(formatter: Formatter,
                 tool.name,
                 fullToolSpec.map(_.toolApiSpec),
                 fullToolSpec.map(_.patternDescriptions).getOrElse(Set.empty[PatternDescription]),
+                fullToolSpec.map(_.tool.prefix),
                 filteredFiles.readableFiles,
                 analysisResults)
             case metricsTool: MetricsTool =>
@@ -112,10 +113,15 @@ class AnalyseExecutor(formatter: Formatter,
       formatter.begin()
       executorResults.foreach {
         case toolResults: IssuesToolExecutorResult =>
-          toolResults.analysisResults.foreach(results =>
-            formatter.addAll(toolResults.toolSpecification, toolResults.patternDescriptions, results.to[List]))
+          toolResults.analysisResults.foreach(
+            results =>
+              formatter.addAll(
+                toolResults.toolSpecification,
+                toolResults.patternDescriptions,
+                toolResults.prefix,
+                results.to[List]))
         case toolResults =>
-          toolResults.analysisResults.foreach(results => formatter.addAll(None, Set.empty, results.to[List]))
+          toolResults.analysisResults.foreach(results => formatter.addAll(None, Set.empty, None, results.to[List]))
       }
       formatter.end()
 
@@ -211,6 +217,7 @@ object AnalyseExecutor {
     toolName: String,
     toolSpecification: Option[com.codacy.plugins.api.results.Tool.Specification],
     patternDescriptions: Set[PatternDescription],
+    prefix: Option[String],
     files: Set[Path],
     analysisResults: Try[Set[ToolResult]])
       extends ExecutorResult[ToolResult]
diff --git a/cli/src/main/scala/com/codacy/analysis/cli/command/AnalyseCommand.scala b/cli/src/main/scala/com/codacy/analysis/cli/command/AnalyseCommand.scala
@@ -216,9 +216,9 @@ class AnalyseCommand(analyze: Analyze,
 
   private def issuesToUpload(toolAndIssuesResults: Seq[IssuesToolExecutorResult]): Seq[ResultsUploader.ToolResults] = {
     toolAndIssuesResults.map {
-      case IssuesToolExecutorResult(toolName, _, _, files, Success(issues)) =>
+      case IssuesToolExecutorResult(toolName, _, _, _, files, Success(issues)) =>
         ResultsUploader.ToolResults(toolName, files, Right(issues))
-      case IssuesToolExecutorResult(toolName, _, _, files, Failure(error)) =>
+      case IssuesToolExecutorResult(toolName, _, _, _, files, Failure(error)) =>
         ResultsUploader.ToolResults(toolName, files, Left(error.getMessage))
     }(collection.breakOut)
   }
diff --git a/cli/src/main/scala/com/codacy/analysis/cli/formatter/Formatter.scala b/cli/src/main/scala/com/codacy/analysis/cli/formatter/Formatter.scala
@@ -21,6 +21,7 @@ trait Formatter {
 
   def addAll(toolSpecification: Option[com.codacy.plugins.api.results.Tool.Specification],
              patternDescriptions: Set[PatternDescription],
+             toolPrefix: Option[String],
              elements: Seq[Result]): Unit
 
   def end(): Unit
diff --git a/cli/src/main/scala/com/codacy/analysis/cli/formatter/Json.scala b/cli/src/main/scala/com/codacy/analysis/cli/formatter/Json.scala
@@ -42,6 +42,7 @@ private[formatter] class Json(val stream: PrintStream) extends Formatter {
 
   override def addAll(toolSpecification: Option[com.codacy.plugins.api.results.Tool.Specification],
                       patternDescriptions: Set[PatternDescription],
+                      toolPrefix: Option[String],
                       elements: Seq[Result]): Unit = elements.foreach(add)
 
   private def add(element: Result): Unit = {
diff --git a/cli/src/main/scala/com/codacy/analysis/cli/formatter/Sarif.scala b/cli/src/main/scala/com/codacy/analysis/cli/formatter/Sarif.scala
@@ -52,9 +52,10 @@ private[formatter] class Sarif(val stream: PrintStream, val executionDirectory:
 
   override def addAll(toolSpecification: Option[com.codacy.plugins.api.results.Tool.Specification],
                       patternDescriptions: Set[PatternDescription],
+                      toolPrefix: Option[String],
                       analysisResults: Seq[Result]): Unit = {
     toolSpecification.foreach { toolSpec =>
-      val categorizedIssues = categorizeIssues(toolSpec, analysisResults)
+      val categorizedIssues = categorizeIssues(toolSpec, toolPrefix, analysisResults)
 
       val securityRules = createRules(categorizedIssues.securityIssues, patternDescriptions)
       val nonSecurityRules = createRules(categorizedIssues.nonSecurityIssues, patternDescriptions)
@@ -92,6 +93,7 @@ private[formatter] class Sarif(val stream: PrintStream, val executionDirectory:
   }
 
   private def categorizeIssues(toolSpec: com.codacy.plugins.api.results.Tool.Specification,
+                               toolPrefix: Option[String],
                                analysisResults: Seq[Result]): CategorizedIssues = {
     // HACK: Seems like the issues (`issue.category`) do not have the right category
     //   while in the specification (`toolSpec.patterns[].category`) the pattern has the right category
@@ -101,7 +103,9 @@ private[formatter] class Sarif(val stream: PrintStream, val executionDirectory:
     analysisResults.foldLeft(CategorizedIssues(Seq.empty, Seq.empty)) {
 
       case (categorizedIssues, issue: Issue)
-          if patternsCategoryMap.get(issue.patternId.value).contains(Pattern.Category.Security) =>
+          if patternsCategoryMap
+            .get(toolPrefix.fold(issue.patternId.value)(prefix => issue.patternId.value.stripPrefix(prefix)))
+            .contains(Pattern.Category.Security) =>
         categorizedIssues.addSecurityIssue(issue)
 
       case (categorizedIssues, issue: Issue) =>
diff --git a/cli/src/main/scala/com/codacy/analysis/cli/formatter/Text.scala b/cli/src/main/scala/com/codacy/analysis/cli/formatter/Text.scala
@@ -29,6 +29,7 @@ private[formatter] class Text(val stream: PrintStream) extends Formatter {
 
   override def addAll(toolSpecification: Option[com.codacy.plugins.api.results.Tool.Specification],
                       patternDescriptions: Set[PatternDescription],
+                      toolPrefix: Option[String],
                       elements: Seq[Result]): Unit = elements.foreach(add)
 
   private def add(element: Result): Unit = {
diff --git a/cli/src/test/scala/com/codacy/analysis/cli/analysis/ExitStatusSpec.scala b/cli/src/test/scala/com/codacy/analysis/cli/analysis/ExitStatusSpec.scala
@@ -27,6 +27,7 @@ class ExitStatusSpec extends Specification with NoLanguageFeatures with Mockito
         toolName = "MyTool",
         toolSpecification = None,
         patternDescriptions = Set.empty,
+        prefix = None,
         files = Set(Paths.get("Test.scala")),
         // scalafmt: { binPack.defnSite = true }
         analysisResults = Success(Set(
@@ -58,6 +59,7 @@ class ExitStatusSpec extends Specification with NoLanguageFeatures with Mockito
         toolName = "MyTool",
         toolSpecification = None,
         patternDescriptions = Set.empty,
+        prefix = None,
         files = Set(Paths.get("Test.scala")),
         // scalafmt: { binPack.defnSite = true }
         analysisResults = Success(Set(
@@ -92,6 +94,7 @@ class ExitStatusSpec extends Specification with NoLanguageFeatures with Mockito
               toolName = "MyTool",
               toolSpecification = None,
               patternDescriptions = Set.empty,
+              prefix = None,
               files = Set(Paths.get("Test.scala")),
               analysisResults = Success(Set()))))) should beEqualTo(ExitStatus.ExitCodes.success)
     }
@@ -102,12 +105,14 @@ class ExitStatusSpec extends Specification with NoLanguageFeatures with Mockito
           toolName = "MyTool",
           toolSpecification = None,
           patternDescriptions = Set.empty,
+          prefix = None,
           files = Set(),
           analysisResults = Success(Set())),
         IssuesToolExecutorResult(
           toolName = "MyTool",
           toolSpecification = None,
           patternDescriptions = Set.empty,
+          prefix = None,
           files = Set(Paths.get("Test.scala")),
           analysisResults = Failure(new Exception("Failed")))))) should beEqualTo(
         ExitStatus.ExitCodes.partiallyFailedAnalysis)
@@ -119,12 +124,14 @@ class ExitStatusSpec extends Specification with NoLanguageFeatures with Mockito
           toolName = "MyTool",
           toolSpecification = None,
           patternDescriptions = Set.empty,
+          prefix = None,
           files = Set(),
           analysisResults = Success(Set())),
         IssuesToolExecutorResult(
           toolName = "MyTool",
           toolSpecification = None,
           patternDescriptions = Set.empty,
+          prefix = None,
           files = Set(Paths.get("Test.scala")),
           analysisResults = Failure(new Exception("Failed")))))) should beEqualTo(ExitStatus.ExitCodes.success)
     }
diff --git a/cli/src/test/scala/com/codacy/analysis/cli/formatter/SarifSpec.scala b/cli/src/test/scala/com/codacy/analysis/cli/formatter/SarifSpec.scala
@@ -120,6 +120,7 @@ class SarifSpec extends Specification with NoLanguageFeatures {
     formatter.addAll(
       toolSpecification = Option(toolSpecification),
       patternDescriptions = Set(securityPatternDescription, duplicationPatternDescription),
+      toolPrefix = None,
       elements = List(securityIssue, duplicationIssue))
     formatter.end()
     val formatterOutput = bos.toString
