Merge pull request #1110 from The-Jonsey/feature/ignore-sarif-suppres…

…sions Ignore suppressed issues in sarif reports
jenkinsci · Nov 27, 2024 · 3693955 · 3693955
2 parents eb9872a + b601e95
commit 3693955
Show file tree

Hide file tree

Showing 3 changed files with 198 additions and 0 deletions.
diff --git a/src/main/java/edu/hm/hafner/analysis/parser/violations/SarifAdapter.java b/src/main/java/edu/hm/hafner/analysis/parser/violations/SarifAdapter.java
@@ -40,6 +40,11 @@ void extractAdditionalProperties(final IssueBuilder builder, final Violation vio
         }
     }
 
+    @Override
+    boolean isValid(final Violation violation) {
+        return violation.getSpecifics().getOrDefault("suppressed", "false").equals("false");
+    }
+
     private String removePrefix(final String fileName) {
         if (WINDOWS_PATH_ON_UNIX.matcher(fileName).matches()) {
             return fileName.substring(1);

diff --git a/src/test/java/edu/hm/hafner/analysis/parser/violations/SarifAdapterTest.java b/src/test/java/edu/hm/hafner/analysis/parser/violations/SarifAdapterTest.java
@@ -79,6 +79,26 @@ void handleBrokenPathsInFileURIschemeFormat(final String fileName) {
         }
     }
 
+    @Test
+    void shouldIgnoreSuppressedIssues() {
+        var report = parse("suppressed-sarif.json");
+        try (var softly = new SoftAssertions()) {
+            softly.assertThat(report).hasSize(2);
+            softly.assertThat(report.get(0))
+                    .hasFileName("/whatever/path.c")
+                    .hasLineStart(123)
+                    .hasType("Cyclomatic complexity")
+                    .hasSeverity(Severity.WARNING_HIGH);
+            softly.assertThat(report.get(0).getMessage()).matches("asdasd");
+            softly.assertThat(report.get(1))
+                    .hasFileName("/whatever/path.c")
+                    .hasLineStart(123)
+                    .hasType("abcdef")
+                    .hasSeverity(Severity.WARNING_LOW);
+            softly.assertThat(report.get(1).getMessage()).matches("asdasd");
+        }
+    }
+
     @Override
     protected SarifAdapter createParser() {
         return new SarifAdapter();

diff --git a/src/test/resources/edu/hm/hafner/analysis/parser/violations/suppressed-sarif.json b/src/test/resources/edu/hm/hafner/analysis/parser/violations/suppressed-sarif.json
@@ -0,0 +1,173 @@
+{
+  "runs": [
+    {
+      "invocations": [],
+      "language": "en-US",
+      "versionControlProvenance": [],
+      "artifacts": [],
+      "logicalLocations": [],
+      "graphs": [],
+      "results": [
+        {
+          "ruleId": "",
+          "ruleIndex": -1,
+          "kind": "FAIL",
+          "level": "note",
+          "message": {
+            "text": "asdasd",
+            "arguments": []
+          },
+          "locations": [
+            {
+              "id": -1,
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "/whatever/path.c",
+                  "index": -1
+                },
+                "region": {
+                  "startLine": 123,
+                  "endLine": 123,
+                  "charOffset": -1,
+                  "byteOffset": -1,
+                  "message": {
+                    "text": "asdasd",
+                    "arguments": []
+                  }
+                }
+              },
+              "logicalLocations": [],
+              "annotations": [],
+              "relationships": []
+            }
+          ],
+          "stacks": [],
+          "codeFlows": [],
+          "graphs": [],
+          "graphTraversals": [],
+          "relatedLocations": [],
+          "suppressions": [
+            {
+              "state": "accepted",
+              "justification": "bla"
+            }
+          ],
+          "rank": -1.0,
+          "attachments": [],
+          "workItemUris": [],
+          "fixes": [],
+          "taxa": []
+        },
+        {
+          "ruleId": "abcdef",
+          "ruleIndex": -1,
+          "kind": "FAIL",
+          "level": "note",
+          "message": {
+            "text": "asdasd",
+            "arguments": []
+          },
+          "locations": [
+            {
+              "id": -1,
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "/whatever/path.c",
+                  "index": -1
+                },
+                "region": {
+                  "startLine": 123,
+                  "endLine": 123,
+                  "charOffset": -1,
+                  "byteOffset": -1,
+                  "message": {
+                    "text": "asdasd",
+                    "arguments": []
+                  }
+                }
+              },
+              "logicalLocations": [],
+              "annotations": [],
+              "relationships": []
+            }
+          ],
+          "stacks": [],
+          "codeFlows": [],
+          "graphs": [],
+          "graphTraversals": [],
+          "relatedLocations": [],
+          "suppressions": [
+            {
+              "state": "rejected",
+              "justification": "bla"
+            }
+          ],
+          "rank": -1.0,
+          "attachments": [],
+          "workItemUris": [],
+          "fixes": [],
+          "taxa": []
+        },
+        {
+          "ruleId": "Cyclomatic complexity",
+          "ruleIndex": -1,
+          "kind": "FAIL",
+          "level": "error",
+          "message": {
+            "text": "asdasd",
+            "arguments": []
+          },
+          "locations": [
+            {
+              "id": -1,
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "/whatever/path.c",
+                  "index": -1
+                },
+                "region": {
+                  "startLine": 123,
+                  "endLine": 123,
+                  "charOffset": -1,
+                  "byteOffset": -1,
+                  "message": {
+                    "text": "asdasd",
+                    "arguments": []
+                  }
+                }
+              },
+              "logicalLocations": [],
+              "annotations": [],
+              "relationships": []
+            }
+          ],
+          "stacks": [],
+          "codeFlows": [],
+          "graphs": [],
+          "graphTraversals": [],
+          "relatedLocations": [],
+          "suppressions": [],
+          "rank": -1.0,
+          "attachments": [],
+          "workItemUris": [],
+          "fixes": [],
+          "taxa": []
+        }
+      ],
+      "runAggregates": [],
+      "redactionTokens": [],
+      "newlineSequences": [
+        "\r\n",
+        "\n"
+      ],
+      "threadFlowLocations": [],
+      "taxonomies": [],
+      "addresses": [],
+      "translations": [],
+      "policies": [],
+      "webRequests": [],
+      "webResponses": []
+    }
+  ],
+  "inlineExternalProperties": []
+}