Module: Legion::Extensions::Detect::Formatters::Sarif

Defined in:
lib/legion/extensions/detect/formatters/sarif.rb

Constant Summary

# URL of the SARIF 2.1.0 JSON schema; .format writes it to the log's '$schema' key.
SCHEMA =
'https://json.schemastore.org/sarif-2.1.0.json'
# SARIF specification version; .format writes it to the log's 'version' key.
SARIF_VERSION =
'2.1.0'
# Maps a detection state to a SARIF level string ('warning' / 'note').
# NOTE(review): none of the methods listed on this page reads this map;
# build_results and build_rules hard-code 'warning', so the literal and the
# map can drift apart. Confirm whether the map is used elsewhere.
SEVERITY_MAP =
{
  missing:   'warning',
  installed: 'note'
}.freeze


Class Method Details

.build_results(detections) ⇒ Object



# File 'lib/legion/extensions/detect/formatters/sarif.rb', line 59

# Builds the SARIF `results` array: one entry for every recommended extension
# whose lookup in the detection's :installed table is falsy.
#
# @param detections [Array<Hash>] each entry is read through the symbol keys
#   :name, :extensions, :installed and :matched_signals
# @return [Array<Hash>] string-keyed SARIF result objects, in detection order
#
# NOTE(review): the emitted results carry no 'locations' entry; some SARIF
# consumers expect one per result, so verify against the intended consumer.
# NOTE(review): the name and the matched signals are copied verbatim into the
# message text and properties. If signals can contain content taken from
# scanned input, it is shown as-is by whatever renders the report. Confirm
# upstream.
def build_results(detections)
  findings = []

  detections.each do |entry|
    entry[:extensions].each do |extension|
      # Already installed: nothing to report for this extension.
      next if entry[:installed][extension]

      signals = entry[:matched_signals]
      label   = entry[:name]
      summary = "#{label} detected (#{signals.join(', ')}) but #{extension} is not installed"

      findings << {
        'ruleId' => "detect/#{extension}",
        # Every emitted result is a missing-extension finding, reported at a fixed level.
        'level' => 'warning',
        'message' => { 'text' => summary },
        'properties' => {
          'matched_signals' => signals,
          'detection_name' => label
        }
      }
    end
  end

  findings
end

.build_rules(detections) ⇒ Object



# File 'lib/legion/extensions/detect/formatters/sarif.rb', line 45

# Builds the SARIF rule descriptors for the tool driver: one rule per distinct
# "detect/<extension>" id, whether or not that extension is installed.
#
# When several detections recommend the same extension, only the first one
# encountered supplies the rule's 'name' and 'shortDescription'.
#
# @param detections [Array<Hash>] each entry is read through :name and :extensions
# @return [Array<Hash>] string-keyed rule objects, ordered by first appearance
def build_rules(detections)
  by_id = {}

  detections.each do |entry|
    entry[:extensions].each do |extension|
      rule_id = "detect/#{extension}"
      # First occurrence wins; later duplicates of the same id are dropped.
      next if by_id.key?(rule_id)

      by_id[rule_id] = {
        'id' => rule_id,
        'name' => entry[:name],
        'shortDescription' => { 'text' => "#{entry[:name]} detected — #{extension} recommended" },
        'defaultConfiguration' => { 'level' => 'warning' }
      }
    end
  end

  by_id.values
end

.format(detections) ⇒ Object



# File 'lib/legion/extensions/detect/formatters/sarif.rb', line 20

# Assembles the complete SARIF log as a plain Hash with a single run.
#
# The run's tool driver is named 'legion-detect' and carries the rules from
# build_rules; the run's results come from build_results.
#
# @param detections [Array<Hash>] passed unchanged to build_rules and build_results
# @return [Hash] string-keyed SARIF document ('$schema', 'version', 'runs')
def format(detections)
  rule_list = build_rules(detections)
  findings  = build_results(detections)

  driver = {
    'name' => 'legion-detect',
    'version' => VERSION,
    'informationUri' => 'https://github.com/LegionIO/lex-detect',
    'rules' => rule_list
  }

  single_run = {
    'tool' => { 'driver' => driver },
    'results' => findings
  }

  {
    '$schema' => SCHEMA,
    'version' => SARIF_VERSION,
    'runs' => [single_run]
  }
end

.to_json(detections) ⇒ Object



# File 'lib/legion/extensions/detect/formatters/sarif.rb', line 41

# Serializes the SARIF log for the given detections as pretty-printed JSON.
#
# @param detections [Array<Hash>] passed unchanged to format
# @return [String] the output of JSON.pretty_generate for the SARIF Hash
def to_json(detections)
  sarif_log = format(detections)
  ::JSON.pretty_generate(sarif_log)
end