Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: added a new option: --no-markdown for sarif output #2630

Merged
merged 3 commits into from
Jan 27, 2022
Merged

feat: added a new option: --no-markdown for sarif output #2630

merged 3 commits into from
Jan 27, 2022

Conversation

saark-snyk
Copy link
Contributor

@saark-snyk saark-snyk commented Jan 26, 2022
edited

What does this PR do?

Adding a new flag to options, --no-markdown, which removes the markdown property from result.message when using sarif output.

How should this be manually tested?

snyk code test --sarif --no-markdown

Any background context you want to provide?

Slack discussion: https://snyk.slack.com/archives/C01U14WSN73/p1642928960104800

What are the relevant tickets?

This is a result of a support ticket: https://snyk.zendesk.com/agent/tickets/18450

@saark-snyk saark-snyk requested review from a team as code owners January 26, 2022 12:57
@github-actions
Copy link
Contributor

github-actions bot commented Jan 26, 2022
edited

Warnings
⚠️

Since the CLI is unifying on a standard and improved tooling, we're starting to migrate old-style imports and exports to ES6 ones.
A file you've modified is using either module.exports or require(). If you can, please update them to ES6 import syntax and export syntax.
Files found:

  • test/jest/unit/snyk-code/snyk-code-test.spec.ts

Generated by 🚫 dangerJS against 0075634

pkey
pkey reviewed Jan 26, 2022
View reviewed changes
src/lib/plugins/sast/index.ts Outdated
if (options.sarif || options.json) {
if (numOfIssues > 0) {
if (options['no-markdown']) {
sarifTypedResult.runs?.[0].results?.forEach((result) => {
result.message = omit(result.message, ['markdown']);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apparently omit is not great for performance... Would it be better to just use either delete or object spread? I'm aware that this code will only be run if no-markdown is passed.

robcresswell
robcresswell reviewed Jan 26, 2022
View reviewed changes
src/lib/plugins/sast/index.ts Outdated
if (options.sarif || options.json) {
if (numOfIssues > 0) {
if (options['no-markdown']) {
sarifTypedResult.runs?.[0].results?.forEach((result) => {
result.message = omit(result.message, ['markdown']);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would be better not to use lodash here. You could call delete since you're modifying in place anyway.

robcresswell
robcresswell approved these changes Jan 26, 2022
View reviewed changes
Copy link
Contributor

@robcresswell robcresswell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fine from SOS pov, but I'm not a huge fan; feels like a hack to work around a bug elsewhere?

@saark-snyk
Copy link
Contributor Author

saark-snyk commented Jan 26, 2022
edited

Fine from SOS pov, but I'm not a huge fan; feels like a hack to work around a bug elsewhere?

@robcresswell something like that, all the details in the PR description. (I share the same opinion)

JackuB
JackuB reviewed Jan 26, 2022
View reviewed changes
help/cli-commands/code.md Outdated
@@ -53,6 +53,10 @@ Print results in JSON format.

Return results in SARIF format.

## `--no-markdown`

Should be used when using `--sarif`. Will remove the `markdown` field from the `result.message` object. Might help if parsing `arguments` is not working properly.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Docs should be written in active voice.
Also, I'm not sure about the "Might help if" part, but up to you.

Suggested change
Should be used when using `--sarif`. Will remove the `markdown` field from the `result.message` object. Might help if parsing `arguments` is not working properly.
Removes the `markdown` field from the `result.message` object. Should be used when using `--sarif`.

@saark-snyk saark-snyk merged commit e6ff4b4 into master Jan 27, 2022
@saark-snyk saark-snyk deleted the feat/no-markdown branch January 27, 2022 08:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JackuB JackuB JackuB approved these changes

@robcresswell robcresswell robcresswell approved these changes

@pkey pkey pkey approved these changes

@orkamara orkamara Awaiting requested review from orkamara orkamara was automatically assigned from snyk/sast-team

@muscar muscar Awaiting requested review from muscar muscar was automatically assigned from snyk/snyk-open-source

@jk05 jk05 Awaiting requested review from jk05 jk05 was automatically assigned from snyk/snyk-open-source

@snykhenrik snykhenrik Awaiting requested review from snykhenrik snykhenrik was automatically assigned from snyk/snyk-open-source

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@saark-snyk @JackuB @robcresswell @pkey