fix: stabilise rule id in sarif

Remove unnecessary parts and keep the rule id as LANGUAGE/RULE
snyk · Dec 17, 2020 · 552389f · 552389f
1 parent ff6f275
commit 552389f
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 4 deletions.
diff --git a/src/sarif_converter.ts b/src/sarif_converter.ts
@@ -50,8 +50,9 @@ const getTools = (analysisResults: IAnalysisResult, suggestions: ISarifSuggestio
       2: 'warning',
       3: 'error',
     }[suggestion.severity];
-
-    const suggestionId = suggestion.id;
+    // payload comes as URIencoded
+    const language = suggestion.id.split('%2F')[0];
+    const suggestionId = `${language}/${suggestion.rule}`;
     const rule = {
       id: suggestionId,
       name: suggestion.rule,
@@ -66,7 +67,7 @@ const getTools = (analysisResults: IAnalysisResult, suggestions: ISarifSuggestio
         text: '',
       },
       properties: {
-        tags: [suggestionId.split('%2F')[0], ...suggestion.tags, ...suggestion.categories],
+        tags: [language, ...suggestion.tags, ...suggestion.categories],
         precision: 'very-high',
       } as { tags: string[]; precision: string; cwe?: string[] },
     };

diff --git a/tests/git.analysis.spec.ts b/tests/git.analysis.spec.ts
@@ -86,7 +86,7 @@ describe('Functional test of analysis', () => {
     expect(bundle.sarifResults?.runs[0].results?.length).toEqual(118);
     expect(bundle.sarifResults?.runs[0].tool?.driver.rules?.length).toEqual(118);
 
-    const cweRule = bundle.sarifResults?.runs[0].tool?.driver.rules?.find(r => r.id === 'java%2Fdc_interfile_project%2FPT');
+    const cweRule = bundle.sarifResults?.runs[0].tool?.driver.rules?.find(r => r.id === 'java/PT');
     expect(cweRule?.properties?.cwe).toContain('CWE-23');
     expect(cweRule?.shortDescription?.text).toEqual('Path Traversal');