Update schema and tests to SARIF TC#25 conclusions, 2.0.0-csd.2.beta.2018-10-10 #1114
Conversation
| @@ -16,8 +16,6 @@ | |||
| Do not restore NuGet packages. | |||
| .PARAMETER NoObjectModel | |||
| Do not rebuild the SARIF object model from the schema. | |||
| .PARAMETER NoBuildSample | |||
There was a problem hiding this comment.
NoBuildSample [](start = 11, length = 13)
We have too many knobs in our build script and no easy ways to do common scenarios such as (please just rebuild and run tests rather than everything else). We also don't succeed in Debug configurations. #Closed
| @@ -360,11 +520,6 @@ | |||
| "kind": "DictionaryHint" | |||
| } | |||
| ], | |||
| "Result.Fingerprints": [ | |||
There was a problem hiding this comment.
Result.Fingerprints [](start = 3, length = 19)
FYI, i realphabetized some content in this file, as it had gotten out of date based on some renaming. This construct has moved earlier in the file, for example. #Closed
| private const string SchemaPropertyPattern = @"""\$schema""\s*:\s*""[^""]+"""; | ||
| private static readonly Regex s_SchemaRegex = new Regex(SchemaPropertyPattern, RegexOptions.Compiled); | ||
|
|
||
| public static string UpdateVersionNumberToCurrent(string logContents) |
There was a problem hiding this comment.
UpdateVersionNumberToCurrent [](start = 29, length = 28)
This utility also previously replaced the run.tool version! Oops. We now use the JParser to make the sarifLog.version update. #ByDesign
There was a problem hiding this comment.
I hope this is the last time I ever think I can get away with using a regex to modify a JSON, XML, or HTML file.
In reply to: 226504993 [](ancestors = 226504993)
| @@ -35,7 +35,7 @@ | |||
| }, | |||
| "region": { | |||
| "startLine": 12, | |||
| "startColumn": 50 | |||
| "startColumn": 60 | |||
There was a problem hiding this comment.
startColumn [](start = 19, length = 11)
introduction of 'repository' to property name offsets startColumn by 10 chars #ByDesign
| @@ -34,8 +34,8 @@ | |||
| "uri": "file:///C:/Code/sarif-sdk/src/Sarif.Multitool.FunctionalTests/TestData/UrisMustBeValid/InvalidUriInOriginalUriBaseIds.sarif" | |||
| }, | |||
| "region": { | |||
| "startLine": 10, | |||
| "startColumn": 51 | |||
| "startLine": 11, | |||
There was a problem hiding this comment.
startLine [](start = 19, length = 9)
conversion of originalUriBaseIds values from string to file location introduces a new line in the file, hence changes in offsets #ByDesign
| @@ -251,8 +251,7 @@ private HashSet<string> CreateTargetsSet(TOptions analyzeOptions) | |||
| var fileSpecifier = new FileSpecifier(normalizedSpecifier, recurse: analyzeOptions.Recurse, fileSystem: FileSystem); | |||
| foreach (string file in fileSpecifier.Files) { targets.Add(file); } | |||
| } | |||
| Debug.Assert(targets.Count > 0); | |||
There was a problem hiding this comment.
Debug.Assert [](start = 12, length = 12)
this assert prevents debug unit tests from completing #Closed
src/ReleaseHistory.md
Outdated
| * BREAKING: versionControlDetails.timestamp renamed to 'asOfTimeUtc'. | ||
| * BREAKING: versionControlDetails.uri renamed to 'repositoryUri'. | ||
| * BREAKING: exception.message type converted from string to message object. |
There was a problem hiding this comment.
. [](start = 74, length = 1)
Also mention the introduction of result.occurrenceCount (I have a note on my desk that you have a customer waiting for an SDK version that supports occurrenceCount). #Closed
There was a problem hiding this comment.
Yes, also neglected file.hashes, run.id and run.aggregateIds and threadFlowLocation.step removal.
In reply to: 226705862 [](ancestors = 226705862)
| } | ||
| } | ||
| ], | ||
| "externalFiles": [ |
There was a problem hiding this comment.
externalFiles [](start = 3, length = 13)
This doesn't look right. The run object has a property externalFiles, which is of type "array of externalFile", and the externalFile object is the thing that has a property bag. #ByDesign
There was a problem hiding this comment.
Sorry, I got this wrong. The spec says that the value of run.externalFiles is an object, and then it goes on to describe the properties of that object -- but it doesn't give that set of properties a name, unlike every other object in the spec. I filed Issue #266: "Define an object type for the value of run.externalFiles" (CSD.2, bug, editorial, documentation-only).
In reply to: 226708519 [](ancestors = 226708519)
| @@ -512,13 +657,25 @@ | |||
| "Run.OriginalUriBaseIds": [ | |||
| { | |||
| "kind": "DictionaryHint" | |||
| }, | |||
| } | |||
There was a problem hiding this comment.
} [](start = 4, length = 1)
I assume you omitted the AttributeHint because with the new "chained" design for originalUriBaseIds, the dictionary entries are no longer necessarily URIs. #ByDesign
There was a problem hiding this comment.
| @@ -16,6 +16,40 @@ namespace Microsoft.CodeAnalysis.Sarif | |||
| { | |||
| public static class ExtensionMethods | |||
| { | |||
| public static string InstanceIdInstanceComponent(this RunAutomationDetails runAutomationDetails) | |||
There was a problem hiding this comment.
InstanceIdInstanceComponent [](start = 29, length = 27)
Consider: Make this an extension method on string so it would be used like this:
string instanceComponent = runAutomationDetails.InstanceId.?InstanceComponent;
That seems more natural to me than
string instanceComponent = runAutomationDetails.InstanceIdInstanceComponent;
and it reduces the coupling of this method (you could unit test it without having the definition of RunAutomationDetails).
Same comment for InstanceIdLogicalComponent as well. #ByDesign
There was a problem hiding this comment.
Although I suppose you could argue that the current design eliminates the potential error of forgetting to null-check runAutomationDetails.InstanceId. Ok, I withdraw this.
In reply to: 226710524 [](ancestors = 226710524)
src/Sarif/ExtensionMethods.cs
Outdated
| return String.Empty; | ||
| } | ||
|
|
||
| return instanceId.Substring(0, instanceId.LastIndexOf('/') + 1); |
There was a problem hiding this comment.
- 1 [](start = 71, length = 3)
This includes the final slash. I don't agree with that. If instanceId is x/y, then the "category" (the logical id) is x, not x/. I know you love your trailing slashes on directory-valued URIs, but I don't think it's right here.
There was a problem hiding this comment.
I actually intended this, because for this value, the slash is required to indicate the logical component. So, 'logical' on its on in this id would actually be the instance component'. 'logical/' represents a logical only component in the id. I'm glad to change it.
In reply to: 226712702 [](ancestors = 226712702)
There was a problem hiding this comment.
IMO it should be changed. When you call Path.GetDirectoryName, whether on dirName or on dirName\fileName, you get back dirName, not dirName\.
You don't need \ on the return value to "indicate the logical component". You know it's the logical component because you got it by calling InstanceIdLogicalComponent.
In reply to: 226844096 [](ancestors = 226844096,226712702)
There was a problem hiding this comment.
(Reactivated to call my response to your attention.)
In reply to: 226872911 [](ancestors = 226872911,226844096,226712702)
You omitted the declaration of the
You did add it to This won't affect C# code because Refers to: src/Sarif/Schemata/sarif-schema.json:74 in 7aaa3e9. [](commit_id = 7aaa3e9, deletion_comment = False) |
src/Sarif/Schemata/sarif-schema.json
Outdated
| "properties": { | ||
|
|
||
| "description": { | ||
| "description": "A description of the role played within the engineering system by this object's containing run object.", |
There was a problem hiding this comment.
[](start = 46, length = 1)
Nit: The spec says here "identity and role", which I think is useful as it captures the purpose of instanceGuid and the trailing component of instanceId. #Closed
src/Sarif/Schemata/sarif-schema.json
Outdated
| }, | ||
|
|
||
| "instanceGuid": { | ||
| "description": "A string that uniquely identifies this object's containing run object in the form of a GUID.", |
There was a problem hiding this comment.
string that uniquely identifies [](start = 28, length = 31)
Nit: The spec might not be uniform in its phrasing. I like the formulation "A stable, unique identifier for in the form of a GUID." #Closed
src/Sarif/Schemata/sarif-schema.json
Outdated
| }, | ||
|
|
||
| "properties": { | ||
| "description": "Key/value pairs that provide additional information about the scan automation details.", |
There was a problem hiding this comment.
scan [](start = 88, length = 4)
scan => run #Closed
| @@ -1705,7 +1707,7 @@ | |||
| }, | |||
|
|
|||
| "frames": { | |||
| "description": "An array of stack frames that represent a sequence of calls, rendered in reverse chronological order, that comprise the call stack.", | |||
| "description": "An array of stack frames that represents a sequence of calls, rendered in reverse chronological order, that comprise the call stack.", | |||
There was a problem hiding this comment.
represents [](start = 56, length = 10)
Thanks. #ByDesign
There was a problem hiding this comment.
Although I suppose you could argue whether the word modifies "array" or "stack frames".
In reply to: 226731080 [](ancestors = 226731080)
There was a problem hiding this comment.
By making it singular, there is no argument. :) There was no argument before, it is just my sense that this form is less likely to be construed as an error. :)
In reply to: 226731287 [](ancestors = 226731287,226731080)
src/Sarif/Schemata/sarif-schema.json
Outdated
| @@ -1901,7 +1897,7 @@ | |||
| }, | |||
|
|
|||
| "properties": { | |||
| "description": "Key/value pairs that provide additional information about the code location.", | |||
| "description": "Key/value pairs that provide additional information about the threadflow location.", | |||
| "type": "object", | |||
There was a problem hiding this comment.
type": "object", [](start = 11, length = 16)
DRY this one out to propertyBag. #Closed
There was a problem hiding this comment.
Forgot to complete this scrub! Missed many examples, now resolved, thanks.
In reply to: 226731555 [](ancestors = 226731555)
There was a problem hiding this comment.
Almost! Do the same for ruleConfiguration.parameters.
In reply to: 226844215 [](ancestors = 226844215,226731555)
There was a problem hiding this comment.
| @@ -106,7 +108,7 @@ internal ExceptionDataVersionOne CreateExceptionData(ExceptionData v2ExceptionDa | |||
| { | |||
| InnerExceptions = v2ExceptionData.InnerExceptions?.Select(CreateExceptionData).ToList(), | |||
| Kind = v2ExceptionData.Kind, | |||
| Message = v2ExceptionData.Message, | |||
| Message = v2ExceptionData.Message.Text, | |||
There was a problem hiding this comment.
. [](start = 53, length = 1)
"." => "?." #Closed
| { | ||
| algorithm = AlgorithmKindVersionOne.Unknown; | ||
| } | ||
| Utilities.AlgorithmNameKindMap.TryGetValue(key, out AlgorithmKindVersionOne algorithm); |
There was a problem hiding this comment.
Utilities [](start = 16, length = 9)
Retain the logic that if this method returns false, algorithm should be AlgorithmKindVersionOne.Unknown. #ByDesign
There was a problem hiding this comment.
It does. Unknown is the first element of the enum, assigned a value of '0' (the value to which an enum variable is initialized). Added a note.
In reply to: 226735147 [](ancestors = 226735147)
| run.Id = v2Run.InstanceGuid; | ||
|
|
||
| run.Id = v2Run.Id?.InstanceGuid; | ||
| run.AutomationId = v2Run.AggregateIds?.First().InstanceId; |
There was a problem hiding this comment.
First [](start = 59, length = 5)
FirstOrDefault()?.InstanceId, on the off chance that the array is present but empty. #Closed
There was a problem hiding this comment.
we actually should be scrubbing for this, nearly every array in the standard should be minValues == 1. will open a tracking issue.
In reply to: 226735459 [](ancestors = 226735459)
There was a problem hiding this comment.
You added the "?" but you didn't change First to FirstOrDefault. First will throw if the array is empty. (I know you opened a tracking issue but we have the hood up on this one).
In reply to: 226844620 [](ancestors = 226844620,226735459)
There was a problem hiding this comment.
| @@ -124,7 +125,7 @@ internal ExceptionData CreateExceptionData(ExceptionDataVersionOne v1ExceptionDa | |||
| { | |||
| InnerExceptions = v1ExceptionData.InnerExceptions?.Select(CreateExceptionData).ToList(), | |||
| Kind = v1ExceptionData.Kind, | |||
| Message = v1ExceptionData.Message, | |||
| Message = v1ExceptionData.Message.ToMessage(), | |||
There was a problem hiding this comment.
. [](start = 53, length = 1)
"." => "?." #Closed
|
|
||
| // Delete threadFlowLocation.step property: https://github.com/oasis-tcs/sarif-spec/issues/203 | ||
| JToken step = threadFlowLocation["step"]; | ||
| if (step?.Type == JTokenType.Integer) |
There was a problem hiding this comment.
if (step?.Type == JTokenType.Integer) [](start = 24, length = 37)
Why the test? You wouldn't keep it around if it were (for example) a string, right? #Closed
| return modifiedRun; | ||
| } | ||
|
|
||
| internal static bool UpdateInvocationObject(JObject invocation) |
There was a problem hiding this comment.
Object( [](start = 45, length = 7)
I think UpdateInvocation suffices. #Closed
| invocation["workingDirectory"] = fileLocationObject; | ||
|
|
||
| modifiedInvocation = true; | ||
| } |
There was a problem hiding this comment.
Bonus points: DRY out by extracting a method
bool ReplaceUriStringWithFileLocation(JObject jObject, string propertyName)
You have the same logic, expressed slightly differently in UpdateOriginalUriBaseIds below. #Closed
There was a problem hiding this comment.
There's actually very little shared code here. I did pull out the code in one place but the other didn't naturally utilize it. Oh well.
In reply to: 226765536 [](ancestors = 226765536)
|
|
||
| foreach (JObject notification in notifications) | ||
| { | ||
| modifiedNotification |= UpdateNotificationObjects(notification); |
There was a problem hiding this comment.
Objects [](start = 58, length = 7)
You're passing only one object, so it would be UpdateNotificationObject, but UpdateNotification suffices. #Closed
| @@ -6,6 +6,7 @@ | |||
| using System.Linq; | |||
| using System.Resources; | |||
| using Microsoft.CodeAnalysis.Sarif.Driver; | |||
| using Microsoft.CodeAnalysis.Sarif.Writers; | |||
There was a problem hiding this comment.
Writers [](start = 35, length = 7)
Is this a remnant of a change you decided not to make? Since there are no other changes, and it built before, this can't be necessary (unless, I suppose, you changed the namespace of some other class that this class uses). #Closed
| @@ -11,18 +11,24 @@ | |||
|
|
|||
| namespace Microsoft.CodeAnalysis.Sarif.Multitool.Rules | |||
| { | |||
| public abstract class SkimmerTestsBase<TSkimmer> : SarifMultitoolTestBase | |||
| public abstract class ValidationSkimmerTestsBase<TSkimmer> : SarifMultitoolTestBase | |||
There was a problem hiding this comment.
ValidationSkimmerTestsBase [](start = 26, length = 26)
Rename the file to match the class. #Closed
| using System; | ||
| using System.IO; | ||
| using System.Text; | ||
| using Xunit; |
| } | ||
|
|
||
|
|
||
| private ITestOutputHelper _outputHelper; |
There was a problem hiding this comment.
private [](start = 8, length = 7)
readonly #Closed
| } | ||
|
|
||
|
|
||
| protected virtual Assembly ThisAssembly { get { return this.GetType().Assembly; } } |
There was a problem hiding this comment.
ThisAssembly [](start = 35, length = 12)
Consider expression body syntax:
protected virtual Assembly ThisAssembly => this.GetType().Assembly;
``` #Closed
There was a problem hiding this comment.
|
|
||
| protected string GetOutputFilePath(string directory, string resourceName) | ||
| { | ||
| string fileName = string.Format("{0}.sarif", |
There was a problem hiding this comment.
FxCop would complain that you didn't specify CultureInfo.InvariantCulture. Or just:
string fileName = Path.GetFileNameWithoutExtension(resourcesName) + ".sarif";
``` #Closed
There was a problem hiding this comment.
good fix of code i moved. using string.format for what is effectively simple string concat not a good idea, from a micro-optimization standpoint.
In reply to: 226788994 [](ancestors = 226788994)
|
Many more or less minor nits and quibbles, some potential failure-to-null-check bugs, but nothing that I have to revisit once you've addressed. #Resolved |
We didn't ship this version in NuGet, so that's not literally correct. AFAIK, this suffix is no longer used to delist publishes (its original intent). So I will just delete it. In reply to: 431419604 [](ancestors = 431419604) Refers to: src/build.props:26 in 7aaa3e9. [](commit_id = 7aaa3e9, deletion_comment = False) |
Just fyi, a note like: I will stop remarking on this, is a clue that it my responsible to scrub for it, as I have. :) Then I don't have to close/response to many identical notes. I will not stop explicitly commenting on your repeated notes. :) In reply to: 431445929 [](ancestors = 431445929) Refers to: src/Sarif/Schemata/sarif-schema.json:391 in 7aaa3e9. [](commit_id = 7aaa3e9, deletion_comment = False) |
| } | ||
| } | ||
|
|
||
| return true; |
There was a problem hiding this comment.
true [](start = 19, length = 4)
Yikes! how did I miss this? You need to return modifiedLog. #Closed
There was a problem hiding this comment.
ouch. more signs of failure to utilize detailed unit tests. i will fix that after the fact. this change really exploded on me.
In reply to: 226873484 [](ancestors = 226873484)
There was a problem hiding this comment.
ouch. more signs of failure to utilize detailed unit tests. i will fix that after the fact. this change really exploded on me.
In reply to: 226873484 [](ancestors = 226873484)
There was a problem hiding this comment.
ouch. more signs of failure to utilize detailed unit tests. i will fix that after the fact. this change really exploded on me.
In reply to: 226873484 [](ancestors = 226873484)
So there is a subtlety to using these properties correctly. We should update In reply to: 431627246 [](ancestors = 431627246,431419604) Refers to: src/build.props:26 in 7aaa3e9. [](commit_id = 7aaa3e9, deletion_comment = False) |
ghost
mentioned this pull request
ghost
mentioned this pull request
Changes in this PR:
CRITICAL FILES TO REVIEW:
Sarif\Schema\sarif-schema.json and
Sarif\Writers\PrereleaseCompatibilityTransformer.cs
Update schema/OM/etc. to schema as of SARIF TC#25, 10-10-2018
originalUriBaseIds is now a dictionary of file locations, not strings.
Suffix invocation.startTime, invocation.endTime, file.lastModifiedTime and notification.time with Utc (startTimeUtc, endTimeUtc, etc.).
threadflowLocation.timestamp renamed to 'executionTimeUtc'.
versionControlDetails.timestamp renamed to 'asOfTimeUtc'.
versionControlDetails.uri renamed to 'repositoryUri'.
exception.message type converted from string to message object.
all the things have property bags
Provide PrereleaseCompatibilityTransformer functionality that automatically upgrades prerelease v2 to current.
NOTE: this mechanism is used to update all existing checked in test files (a significant proof point).
Author new comprehensive prerelease SARIF v1 file to ensure code coverage of all transformations
TODO: author detailed unit tests for this transformer
Remove all inlined schema property bag definitions in preferences of reference to single 'propertyBag' definition
Remove -NoBuildSample from build.
Clean-up alphabetization of CodeGenHints.json
Convert all SARIF v1 <-> v2 tests to operate against checked in files rather than embedded string literals.
Move transformer tests (and test data files) and rename to conform to existing standards.
Delete 'StepValuesMustFormOneBasedSequence' rule. Note to self: the requirement to author a validation rule sometimes a signal of a design flaw. :)
@lgolding @rtaket