New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update schema and tests to SARIF TC#25 conclusions, 2.0.0-csd.2.beta.2018-10-10 #1114
Conversation
@@ -16,8 +16,6 @@ | |||
Do not restore NuGet packages. | |||
.PARAMETER NoObjectModel | |||
Do not rebuild the SARIF object model from the schema. | |||
.PARAMETER NoBuildSample |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NoBuildSample [](start = 11, length = 13)
We have too many knobs in our build script and no easy ways to do common scenarios such as (please just rebuild and run tests rather than everything else). We also don't succeed in Debug configurations. #Closed
@@ -360,11 +520,6 @@ | |||
"kind": "DictionaryHint" | |||
} | |||
], | |||
"Result.Fingerprints": [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Result.Fingerprints [](start = 3, length = 19)
FYI, i realphabetized some content in this file, as it had gotten out of date based on some renaming. This construct has moved earlier in the file, for example. #Closed
private const string SchemaPropertyPattern = @"""\$schema""\s*:\s*""[^""]+"""; | ||
private static readonly Regex s_SchemaRegex = new Regex(SchemaPropertyPattern, RegexOptions.Compiled); | ||
|
||
public static string UpdateVersionNumberToCurrent(string logContents) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
UpdateVersionNumberToCurrent [](start = 29, length = 28)
This utility also previously replaced the run.tool version! Oops. We now use the JParser to make the sarifLog.version update. #ByDesign
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I hope this is the last time I ever think I can get away with using a regex to modify a JSON, XML, or HTML file.
In reply to: 226504993 [](ancestors = 226504993)
@@ -35,7 +35,7 @@ | |||
}, | |||
"region": { | |||
"startLine": 12, | |||
"startColumn": 50 | |||
"startColumn": 60 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
startColumn [](start = 19, length = 11)
introduction of 'repository' to property name offsets startColumn by 10 chars #ByDesign
@@ -34,8 +34,8 @@ | |||
"uri": "file:///C:/Code/sarif-sdk/src/Sarif.Multitool.FunctionalTests/TestData/UrisMustBeValid/InvalidUriInOriginalUriBaseIds.sarif" | |||
}, | |||
"region": { | |||
"startLine": 10, | |||
"startColumn": 51 | |||
"startLine": 11, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
startLine [](start = 19, length = 9)
conversion of originalUriBaseIds values from string to file location introduces a new line in the file, hence changes in offsets #ByDesign
@@ -251,8 +251,7 @@ private HashSet<string> CreateTargetsSet(TOptions analyzeOptions) | |||
var fileSpecifier = new FileSpecifier(normalizedSpecifier, recurse: analyzeOptions.Recurse, fileSystem: FileSystem); | |||
foreach (string file in fileSpecifier.Files) { targets.Add(file); } | |||
} | |||
Debug.Assert(targets.Count > 0); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Debug.Assert [](start = 12, length = 12)
this assert prevents debug unit tests from completing #Closed
src/ReleaseHistory.md
Outdated
* BREAKING: versionControlDetails.timestamp renamed to 'asOfTimeUtc'. | ||
* BREAKING: versionControlDetails.uri renamed to 'repositoryUri'. | ||
* BREAKING: exception.message type converted from string to message object. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
. [](start = 74, length = 1)
Also mention the introduction of result.occurrenceCount
(I have a note on my desk that you have a customer waiting for an SDK version that supports occurrenceCount
). #Closed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, also neglected file.hashes, run.id and run.aggregateIds and threadFlowLocation.step removal.
In reply to: 226705862 [](ancestors = 226705862)
} | ||
} | ||
], | ||
"externalFiles": [ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
externalFiles [](start = 3, length = 13)
This doesn't look right. The run
object has a property externalFiles
, which is of type "array of externalFile
", and the externalFile
object is the thing that has a property bag. #ByDesign
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sorry, I got this wrong. The spec says that the value of run.externalFiles
is an object, and then it goes on to describe the properties of that object -- but it doesn't give that set of properties a name, unlike every other object in the spec. I filed Issue #266: "Define an object type for the value of run.externalFiles" (CSD.2
, bug
, editorial
, documentation-only
).
In reply to: 226708519 [](ancestors = 226708519)
@@ -512,13 +657,25 @@ | |||
"Run.OriginalUriBaseIds": [ | |||
{ | |||
"kind": "DictionaryHint" | |||
}, | |||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
} [](start = 4, length = 1)
I assume you omitted the AttributeHint
because with the new "chained" design for originalUriBaseIds
, the dictionary entries are no longer necessarily URIs. #ByDesign
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -16,6 +16,40 @@ namespace Microsoft.CodeAnalysis.Sarif | |||
{ | |||
public static class ExtensionMethods | |||
{ | |||
public static string InstanceIdInstanceComponent(this RunAutomationDetails runAutomationDetails) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
InstanceIdInstanceComponent [](start = 29, length = 27)
Consider: Make this an extension method on string
so it would be used like this:
string instanceComponent = runAutomationDetails.InstanceId.?InstanceComponent;
That seems more natural to me than
string instanceComponent = runAutomationDetails.InstanceIdInstanceComponent;
and it reduces the coupling of this method (you could unit test it without having the definition of RunAutomationDetails
).
Same comment for InstanceIdLogicalComponent
as well. #ByDesign
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Although I suppose you could argue that the current design eliminates the potential error of forgetting to null-check runAutomationDetails.InstanceId
. Ok, I withdraw this.
In reply to: 226710524 [](ancestors = 226710524)
src/Sarif/ExtensionMethods.cs
Outdated
return String.Empty; | ||
} | ||
|
||
return instanceId.Substring(0, instanceId.LastIndexOf('/') + 1); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- 1 [](start = 71, length = 3)
This includes the final slash. I don't agree with that. If instanceId
is x/y
, then the "category" (the logical id) is x
, not x/
. I know you love your trailing slashes on directory-valued URIs, but I don't think it's right here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I actually intended this, because for this value, the slash is required to indicate the logical component. So, 'logical' on its on in this id would actually be the instance component'. 'logical/' represents a logical only component in the id. I'm glad to change it.
In reply to: 226712702 [](ancestors = 226712702)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IMO it should be changed. When you call Path.GetDirectoryName
, whether on dirName
or on dirName\fileName
, you get back dirName
, not dirName\
.
You don't need \
on the return value to "indicate the logical component". You know it's the logical component because you got it by calling InstanceIdLogicalComponent
.
In reply to: 226844096 [](ancestors = 226844096,226712702)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(Reactivated to call my response to your attention.)
In reply to: 226872911 [](ancestors = 226872911,226844096,226712702)
You omitted the declaration of the
You did add it to This won't affect C# code because Refers to: src/Sarif/Schemata/sarif-schema.json:74 in 7aaa3e9. [](commit_id = 7aaa3e9, deletion_comment = False) |
src/Sarif/Schemata/sarif-schema.json
Outdated
"properties": { | ||
|
||
"description": { | ||
"description": "A description of the role played within the engineering system by this object's containing run object.", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[](start = 46, length = 1)
Nit: The spec says here "identity and role", which I think is useful as it captures the purpose of instanceGuid
and the trailing component of instanceId
. #Closed
src/Sarif/Schemata/sarif-schema.json
Outdated
}, | ||
|
||
"instanceGuid": { | ||
"description": "A string that uniquely identifies this object's containing run object in the form of a GUID.", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
string that uniquely identifies [](start = 28, length = 31)
Nit: The spec might not be uniform in its phrasing. I like the formulation "A stable, unique identifier for in the form of a GUID." #Closed
src/Sarif/Schemata/sarif-schema.json
Outdated
}, | ||
|
||
"properties": { | ||
"description": "Key/value pairs that provide additional information about the scan automation details.", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
scan [](start = 88, length = 4)
scan => run #Closed
@@ -1705,7 +1707,7 @@ | |||
}, | |||
|
|||
"frames": { | |||
"description": "An array of stack frames that represent a sequence of calls, rendered in reverse chronological order, that comprise the call stack.", | |||
"description": "An array of stack frames that represents a sequence of calls, rendered in reverse chronological order, that comprise the call stack.", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
represents [](start = 56, length = 10)
Thanks. #ByDesign
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Although I suppose you could argue whether the word modifies "array" or "stack frames".
In reply to: 226731080 [](ancestors = 226731080)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
By making it singular, there is no argument. :) There was no argument before, it is just my sense that this form is less likely to be construed as an error. :)
In reply to: 226731287 [](ancestors = 226731287,226731080)
src/Sarif/Schemata/sarif-schema.json
Outdated
@@ -1901,7 +1897,7 @@ | |||
}, | |||
|
|||
"properties": { | |||
"description": "Key/value pairs that provide additional information about the code location.", | |||
"description": "Key/value pairs that provide additional information about the threadflow location.", | |||
"type": "object", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
type": "object", [](start = 11, length = 16)
DRY this one out to propertyBag
. #Closed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Forgot to complete this scrub! Missed many examples, now resolved, thanks.
In reply to: 226731555 [](ancestors = 226731555)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Almost! Do the same for ruleConfiguration.parameters
.
In reply to: 226844215 [](ancestors = 226844215,226731555)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -106,7 +108,7 @@ internal ExceptionDataVersionOne CreateExceptionData(ExceptionData v2ExceptionDa | |||
{ | |||
InnerExceptions = v2ExceptionData.InnerExceptions?.Select(CreateExceptionData).ToList(), | |||
Kind = v2ExceptionData.Kind, | |||
Message = v2ExceptionData.Message, | |||
Message = v2ExceptionData.Message.Text, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
. [](start = 53, length = 1)
"." => "?." #Closed
{ | ||
algorithm = AlgorithmKindVersionOne.Unknown; | ||
} | ||
Utilities.AlgorithmNameKindMap.TryGetValue(key, out AlgorithmKindVersionOne algorithm); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Utilities [](start = 16, length = 9)
Retain the logic that if this method returns false
, algorithm
should be AlgorithmKindVersionOne.Unknown
. #ByDesign
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It does. Unknown is the first element of the enum, assigned a value of '0' (the value to which an enum variable is initialized). Added a note.
In reply to: 226735147 [](ancestors = 226735147)
run.Id = v2Run.InstanceGuid; | ||
|
||
run.Id = v2Run.Id?.InstanceGuid; | ||
run.AutomationId = v2Run.AggregateIds?.First().InstanceId; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
First [](start = 59, length = 5)
FirstOrDefault()?.InstanceId
, on the off chance that the array is present but empty. #Closed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we actually should be scrubbing for this, nearly every array in the standard should be minValues == 1. will open a tracking issue.
In reply to: 226735459 [](ancestors = 226735459)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You added the "?" but you didn't change First
to FirstOrDefault
. First
will throw if the array is empty. (I know you opened a tracking issue but we have the hood up on this one).
In reply to: 226844620 [](ancestors = 226844620,226735459)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -124,7 +125,7 @@ internal ExceptionData CreateExceptionData(ExceptionDataVersionOne v1ExceptionDa | |||
{ | |||
InnerExceptions = v1ExceptionData.InnerExceptions?.Select(CreateExceptionData).ToList(), | |||
Kind = v1ExceptionData.Kind, | |||
Message = v1ExceptionData.Message, | |||
Message = v1ExceptionData.Message.ToMessage(), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
. [](start = 53, length = 1)
"." => "?." #Closed
|
||
// Delete threadFlowLocation.step property: https://github.com/oasis-tcs/sarif-spec/issues/203 | ||
JToken step = threadFlowLocation["step"]; | ||
if (step?.Type == JTokenType.Integer) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if (step?.Type == JTokenType.Integer) [](start = 24, length = 37)
Why the test? You wouldn't keep it around if it were (for example) a string, right? #Closed
return modifiedRun; | ||
} | ||
|
||
internal static bool UpdateInvocationObject(JObject invocation) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Object( [](start = 45, length = 7)
I think UpdateInvocation
suffices. #Closed
invocation["workingDirectory"] = fileLocationObject; | ||
|
||
modifiedInvocation = true; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Bonus points: DRY out by extracting a method
bool ReplaceUriStringWithFileLocation(JObject jObject, string propertyName)
You have the same logic, expressed slightly differently in UpdateOriginalUriBaseIds
below. #Closed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's actually very little shared code here. I did pull out the code in one place but the other didn't naturally utilize it. Oh well.
In reply to: 226765536 [](ancestors = 226765536)
|
||
foreach (JObject notification in notifications) | ||
{ | ||
modifiedNotification |= UpdateNotificationObjects(notification); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Objects [](start = 58, length = 7)
You're passing only one object, so it would be UpdateNotificationObject
, but UpdateNotification
suffices. #Closed
@@ -6,6 +6,7 @@ | |||
using System.Linq; | |||
using System.Resources; | |||
using Microsoft.CodeAnalysis.Sarif.Driver; | |||
using Microsoft.CodeAnalysis.Sarif.Writers; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Writers [](start = 35, length = 7)
Is this a remnant of a change you decided not to make? Since there are no other changes, and it built before, this can't be necessary (unless, I suppose, you changed the namespace of some other class that this class uses). #Closed
@@ -11,18 +11,24 @@ | |||
|
|||
namespace Microsoft.CodeAnalysis.Sarif.Multitool.Rules | |||
{ | |||
public abstract class SkimmerTestsBase<TSkimmer> : SarifMultitoolTestBase | |||
public abstract class ValidationSkimmerTestsBase<TSkimmer> : SarifMultitoolTestBase |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ValidationSkimmerTestsBase [](start = 26, length = 26)
Rename the file to match the class. #Closed
using System; | ||
using System.IO; | ||
using System.Text; | ||
using Xunit; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
System
usings first. #Closed
} | ||
|
||
|
||
private ITestOutputHelper _outputHelper; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
private [](start = 8, length = 7)
readonly
#Closed
} | ||
|
||
|
||
protected virtual Assembly ThisAssembly { get { return this.GetType().Assembly; } } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ThisAssembly [](start = 35, length = 12)
Consider expression body syntax:
protected virtual Assembly ThisAssembly => this.GetType().Assembly;
``` #Closed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
|
||
protected string GetOutputFilePath(string directory, string resourceName) | ||
{ | ||
string fileName = string.Format("{0}.sarif", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FxCop would complain that you didn't specify CultureInfo.InvariantCulture
. Or just:
string fileName = Path.GetFileNameWithoutExtension(resourcesName) + ".sarif";
``` #Closed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good fix of code i moved. using string.format for what is effectively simple string concat not a good idea, from a micro-optimization standpoint.
In reply to: 226788994 [](ancestors = 226788994)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Many more or less minor nits and quibbles, some potential failure-to-null-check bugs, but nothing that I have to revisit once you've addressed. #Resolved |
We didn't ship this version in NuGet, so that's not literally correct. AFAIK, this suffix is no longer used to delist publishes (its original intent). So I will just delete it. In reply to: 431419604 [](ancestors = 431419604) Refers to: src/build.props:26 in 7aaa3e9. [](commit_id = 7aaa3e9, deletion_comment = False) |
Just fyi, a note like: I will stop remarking on this, is a clue that it my responsible to scrub for it, as I have. :) Then I don't have to close/response to many identical notes. I will not stop explicitly commenting on your repeated notes. :) In reply to: 431445929 [](ancestors = 431445929) Refers to: src/Sarif/Schemata/sarif-schema.json:391 in 7aaa3e9. [](commit_id = 7aaa3e9, deletion_comment = False) |
} | ||
} | ||
|
||
return true; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
true [](start = 19, length = 4)
Yikes! how did I miss this? You need to return modifiedLog
. #Closed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ouch. more signs of failure to utilize detailed unit tests. i will fix that after the fact. this change really exploded on me.
In reply to: 226873484 [](ancestors = 226873484)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ouch. more signs of failure to utilize detailed unit tests. i will fix that after the fact. this change really exploded on me.
In reply to: 226873484 [](ancestors = 226873484)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ouch. more signs of failure to utilize detailed unit tests. i will fix that after the fact. this change really exploded on me.
In reply to: 226873484 [](ancestors = 226873484)
So there is a subtlety to using these properties correctly. We should update In reply to: 431627246 [](ancestors = 431627246,431419604) Refers to: src/build.props:26 in 7aaa3e9. [](commit_id = 7aaa3e9, deletion_comment = False) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Changes in this PR:
CRITICAL FILES TO REVIEW:
Sarif\Schema\sarif-schema.json and
Sarif\Writers\PrereleaseCompatibilityTransformer.cs
Update schema/OM/etc. to schema as of SARIF TC#25, 10-10-2018
originalUriBaseIds is now a dictionary of file locations, not strings.
Suffix invocation.startTime, invocation.endTime, file.lastModifiedTime and notification.time with Utc (startTimeUtc, endTimeUtc, etc.).
threadflowLocation.timestamp renamed to 'executionTimeUtc'.
versionControlDetails.timestamp renamed to 'asOfTimeUtc'.
versionControlDetails.uri renamed to 'repositoryUri'.
exception.message type converted from string to message object.
all the things have property bags
Provide PrereleaseCompatibilityTransformer functionality that automatically upgrades prerelease v2 to current.
NOTE: this mechanism is used to update all existing checked in test files (a significant proof point).
Author new comprehensive prerelease SARIF v1 file to ensure code coverage of all transformations
TODO: author detailed unit tests for this transformer
Remove all inlined schema property bag definitions in preferences of reference to single 'propertyBag' definition
Remove -NoBuildSample from build.
Clean-up alphabetization of CodeGenHints.json
Convert all SARIF v1 <-> v2 tests to operate against checked in files rather than embedded string literals.
Move transformer tests (and test data files) and rename to conform to existing standards.
Delete 'StepValuesMustFormOneBasedSequence' rule. Note to self: the requirement to author a validation rule sometimes a signal of a design flaw. :)
@lgolding @rtaket