Module: StillActive::SarifHelper

Extended by:
SarifHelper
Included in:
SarifHelper
Defined in:
lib/helpers/sarif_helper.rb

Overview

Renders a still_active workflow result as a SARIF 2.1.0 document. The output is suitable for upload to GitHub Code Scanning via github/codeql-action/upload-sarif.

Constant Summary

SARIF_SCHEMA =
"https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json"
TOOL_NAME =
"still_active"
TOOL_URI =
"https://github.com/SeanLF/still_active"
LIBYEAR_THRESHOLD =
1.0
SCORECARD_LOW_THRESHOLD =
4.0
ABANDONED_SECONDS =
# 2 years
2 * 365 * 24 * 60 * 60

Instance Method Summary

Instance Method Details

#render(result:, ruby_info:, lockfile_path:, tool_version:) ⇒ Object

result: same hash StillActive::Workflow.call returns (gem_name => gem_data)
ruby_info: optional Ruby freshness hash (or nil)
lockfile_path: path to Gemfile.lock for line annotations
tool_version: StillActive::VERSION at emit time



# File 'lib/helpers/sarif_helper.rb', line 28

def render(result:, ruby_info:, lockfile_path:, tool_version:)
  # Read the lockfile once; both line lookups below work on the same content.
  lockfile_content = File.read(lockfile_path)
  line_index = LockfileIndexer.gem_line_index(lockfile_content)
  ruby_line = LockfileIndexer.ruby_version_line(lockfile_content)
  # Only the file name is passed on as the lockfile URI, not the full path.
  lockfile_uri = File.basename(lockfile_path)

  results = build_results(
    report: result,
    ruby_info: ruby_info,
    line_index: line_index,
    ruby_line: ruby_line,
    lockfile_uri: lockfile_uri,
  )

  # Serialize the assembled document as pretty-printed JSON.
  JSON.pretty_generate(document(results: results, tool_version: tool_version))
end
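
The following is an added example, not still_active's own code: a sketch of the kind of SARIF 2.1.0 document the overview describes, with each finding pinned to a Gemfile.lock line so Code Scanning can annotate it. The helper names (`sketch_line_index`, `sketch_sarif`), the rule id, the `last_release` input shape and the sample lockfile with its made-up gem names are all assumptions; only the constants are taken from this page.

```ruby
require "json"

# Constants as listed on this page.
SARIF_SCHEMA = "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json"
TOOL_NAME = "still_active"
TOOL_URI = "https://github.com/SeanLF/still_active"
ABANDONED_SECONDS = 2 * 365 * 24 * 60 * 60

# Constructed lockfile with made-up gem names.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      fresh_gem (2.1.0)
        stale_gem (~> 0.3)
      stale_gem (0.3.1)
LOCK

# Hypothetical stand-in for LockfileIndexer.gem_line_index: gem name => 1-based
# line of its resolved entry (exactly four spaces of indent under "specs:").
def sketch_line_index(content)
  content.each_line.with_index(1).each_with_object({}) do |(line, number), index|
    name = line[/\A {4}(\S+) \([^)]+\)\s*\z/, 1]
    index[name] = number if name
  end
end

# Assumed input shape: gem name => Time of last release.
def sketch_sarif(content:, last_release:, now:, tool_version:)
  lines = sketch_line_index(content)
  results = last_release.filter_map do |name, released_at|
    next unless lines[name] && now - released_at > ABANDONED_SECONDS
    {
      "ruleId" => "example/abandoned", # constructed rule id
      "level" => "warning",
      "message" => { "text" => "#{name}: last release is more than 2 years old" },
      "locations" => [{ "physicalLocation" => {
        "artifactLocation" => { "uri" => "Gemfile.lock" },
        "region" => { "startLine" => lines[name] },
      } }],
    }
  end
  driver = { "name" => TOOL_NAME, "informationUri" => TOOL_URI, "version" => tool_version }
  JSON.pretty_generate({ "$schema" => SARIF_SCHEMA, "version" => "2.1.0",
                         "runs" => [{ "tool" => { "driver" => driver }, "results" => results }] })
end
```

The indented `stale_gem (~> 0.3)` line is a dependency constraint, not a resolved entry, so the index skips it and the finding lands on the line that actually pins the version.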