Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: added option --sarif-file-output for snyk code test [NEBULA-157] #2640

Merged
merged 1 commit into from
Feb 3, 2022
Merged

feat: added option --sarif-file-output for snyk code test [NEBULA-157] #2640

merged 1 commit into from
Feb 3, 2022

Conversation

patricia-v
Copy link
Contributor

@patricia-v patricia-v commented Jan 28, 2022
edited
Loading

What this does

This PR adds support to the --sarif-file-output flag in snyk code test.
The commands snyk test and snyk iac test support this flag, while snyk code test only supports --sarif but not writing to a file directly.

Notes for the reviewer

Run snyk code test --sarif-file-output in a repository to generate a file with the sarif result. This can be used simultaneously with other flags like --sarif and --no-markdown.

More information

@github-actions
Copy link
Contributor

github-actions bot commented Jan 28, 2022
edited
Loading

Warnings
⚠️

Since the CLI is unifying on a standard and improved tooling, we're starting to migrate old-style imports and exports to ES6 ones.
A file you've modified is using either module.exports or require(). If you can, please update them to ES6 import syntax and export syntax.
Files found:

  • test/jest/unit/snyk-code/snyk-code-test.spec.ts

Generated by 🚫 dangerJS against 06a8a8c

@patricia-v patricia-v changed the title feat: added option --sarif-file-output for snyk code test feat: added option --sarif-file-output for snyk code test [NEBULA-157] Jan 28, 2022
@patricia-v patricia-v marked this pull request as ready for review January 28, 2022 16:16
@patricia-v patricia-v requested review from a team as code owners January 28, 2022 16:16
ArturSnyk
ArturSnyk reviewed Jan 31, 2022
View reviewed changes
src/lib/plugins/sast/index.ts Show resolved Hide resolved
src/lib/plugins/sast/index.ts Show resolved Hide resolved
test/jest/unit/snyk-code/snyk-code-test.spec.ts Outdated
code: true,
_: [],
_doubleDashArgs: [],
'sarif-file-output': 'test',
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nitpicking] since sarif is a JSON-based format, i would name the file to reflect that it is indeed a json file

Suggested change
'sarif-file-output': 'test',
'sarif-file-output': 'test.json',

test/jest/unit/snyk-code/snyk-code-test.spec.ts Outdated Show resolved Hide resolved
@patricia-v patricia-v force-pushed the feat/support-sarif-file-output-in-snyk-code-test branch from ca345db to 06a8a8c Compare February 2, 2022 14:07
@patricia-v patricia-v requested a review from a team February 2, 2022 14:07
@patricia-v patricia-v merged commit 466afce into master Feb 3, 2022
@patricia-v patricia-v deleted the feat/support-sarif-file-output-in-snyk-code-test branch February 3, 2022 08:24
@snyk-bot snyk-bot mentioned this pull request Feb 24, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@robcresswell robcresswell robcresswell approved these changes

@ArturSnyk ArturSnyk ArturSnyk approved these changes

@Avishagp Avishagp Avishagp approved these changes

@miiila miiila Awaiting requested review from miiila miiila was automatically assigned from snyk/sast-team

@muscar muscar Awaiting requested review from muscar muscar was automatically assigned from snyk/snyk-open-source

@anthogez anthogez Awaiting requested review from anthogez anthogez was automatically assigned from snyk/snyk-open-source

@tonidevine1 tonidevine1 Awaiting requested review from tonidevine1 tonidevine1 was automatically assigned from snyk/snyk-open-source

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@patricia-v @robcresswell @ArturSnyk @Avishagp