node-sarif-builder - npm Package Compare versions

Comparing version 2.0.3-beta202203262325.0 to 2.0.3-beta202210230105.0

.cspell.json

@@ -165,2 +165,3 @@ {
     "jsproj",
+    "keymap",
     "kicad",
@@ -210,2 +211,3 @@ "ktlint",
     "opencl",
+    "oxsecurity",
     "oxygene",
@@ -212,0 +214,0 @@ "pasm",

.eslintrc.json

@@ -17,4 +17,3 @@ {
     "plugin:import/typescript",
-    "prettier",
-    "prettier/@typescript-eslint"
+    "prettier"
   ],
@@ -21,0 +20,0 @@ "globals": {

.github/CONTRIBUTING.md

 # Example Contributing Guidelines
 
-This is an example of GitHub's contributing guidelines file. Check out GitHub's [CONTRIBUTING.md help center article](https://help.github.com/articles/setting-guidelines-for-repository-contributors/) for more information.
+This is an example of GitHub's contributing guidelines file. Check out GitHub's [CONTRIBUTING.md help center article](https://help.github.com/articles/setting-guidelines-for-repository-contributors/) for more information. <!-- markdown-link-check-disable-line -->

CHANGELOG.md

@@ -7,2 +7,7 @@ # Changelog
 
+## [2.0.3] 2022-10-23
+
+- Run yarn-audit-fix to upgrade dependencies with security issues (minimist, node-fetch)
+- CI: Upgrade MegaLinter to v6
+
 ## [2.0.2] 2022-01-30
@@ -9,0 +14,0 @@

package.json

 {
   "name": "node-sarif-builder",
-  "version": "2.0.3-beta202203262325.0",
+  "version": "2.0.3-beta202210230105.0",
   "description": "Module to help building SARIF log files",
@@ -5,0 +5,0 @@ "main": "dist/index.js",

README.md

@@ -21,5 +21,5 @@ # node-sarif-builder
 SARIF logs can be:
-- **Uploaded to DevOps tools**, like [Github](https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning), [Azure DevOps](https://github.com/microsoft/sarif-azuredevops-extension) to show issues directly in their web UI
+- **Uploaded to DevOps tools**, like [Github](https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning), [Azure DevOps](https://github.com/microsoft/sarif-azuredevops-extension) to show issues directly in their web UI <!-- markdown-link-check-disable-line -->
 - **Visualized in IDEs**, like [Visual Studio Code](https://marketplace.visualstudio.com/items?itemName=MS-SarifVSCode.sarif-viewer), [Visual Studio](https://marketplace.visualstudio.com/items?itemName=WDGIS.MicrosoftSarifViewer), [Jetbrains editors](https://plugins.jetbrains.com/plugin/16938-qodana)
-- **Aggregated by multi-language linters**, like [MegaLinter](https://megalinter.github.io/latest/)
+- **Aggregated by multi-language linters**, like [MegaLinter](https://oxsecurity.github.io/megalinter/latest/)
 
@@ -26,0 +26,0 @@ Example of linters that can output logs in SARIF format:

src/lib/sarif-builder.ts

@@ -19,3 +19,3 @@ import * as path from 'path'
     runs: []
-  };
+  }
 
@@ -22,0 +22,0 @@ // Initialize SARIF Log builder

src/lib/sarif-result-builder.ts

@@ -8,16 +8,16 @@ import { ArtifactLocation, Region, Result } from 'sarif'
 export class SarifResultBuilder {
-    // Default result value
-    result: Result = {
-      level: 'error',
-      message: {},
-      ruleId:
+  // Default result value
+  result: Result = {
+    level: 'error',
+    message: {},
+    ruleId:
             'SARIF_BUILDER_INVALID: Please send the rule Id ruleId property, or call setRuleId(ruleId)'
-    };
+  }
 
-    // Initialize SARIF Result builder
-    constructor (options: SarifResultOptions = {}) {
-      setOptionValues(options, this.result)
-    }
+  // Initialize SARIF Result builder
+  constructor (options: SarifResultOptions = {}) {
+    setOptionValues(options, this.result)
+  }
 
-    initSimple (options: {
+  initSimple (options: {
         level: Result.level;
@@ -32,62 +32,62 @@ messageText: string;
     }) {
-      this.setLevel(options.level)
-      this.setMessageText(options.messageText)
-      this.setRuleId(options.ruleId)
-      if (options.fileUri) {
-        this.setLocationArtifactUri({ uri: options.fileUri })
+    this.setLevel(options.level)
+    this.setMessageText(options.messageText)
+    this.setRuleId(options.ruleId)
+    if (options.fileUri) {
+      this.setLocationArtifactUri({ uri: options.fileUri })
+    }
+    if (options.startLine !== null && options.startLine !== undefined) {
+      // Initialize Region with default values with necessary
+      const region: Region = {
+        startLine: options.startLine,
+        startColumn: options.startColumn || 1,
+        endLine: options.endLine || options.startLine,
+        endColumn: options.endColumn || 1
       }
-      if (options.startLine !== null && options.startLine !== undefined) {
-        // Initialize Region with default values with necessary
-        const region: Region = {
-          startLine: options.startLine,
-          startColumn: options.startColumn || 1,
-          endLine: options.endLine || options.startLine,
-          endColumn: options.endColumn || 1
-        }
-        // Check for invalid region values
-        if (options.startLine === 0 || options.startColumn === 0 || options.endLine === 0 || options.endColumn === 0) {
-          throw new Error('Region limit can not be 0 (minimum line 1 or column 1) in ' + JSON.stringify(options))
-        }
-        this.setLocationRegion(region)
+      // Check for invalid region values
+      if (options.startLine === 0 || options.startColumn === 0 || options.endLine === 0 || options.endColumn === 0) {
+        throw new Error('Region limit can not be 0 (minimum line 1 or column 1) in ' + JSON.stringify(options))
       }
-      return this
+      this.setLocationRegion(region)
     }
+    return this
+  }
 
-    setLevel (level: Result.level) {
-      this.result.level = level
-    }
+  setLevel (level: Result.level) {
+    this.result.level = level
+  }
 
-    setMessageText (message: string) {
-      this.result.message.text = message
-    }
+  setMessageText (message: string) {
+    this.result.message.text = message
+  }
 
-    setRuleId (ruleId: string) {
-      this.result.ruleId = ruleId
-    }
+  setRuleId (ruleId: string) {
+    this.result.ruleId = ruleId
+  }
 
-    setLocationRegion (region: Region) {
-      this.manageInitPhysicalLocation()
-      this.result.locations[0].physicalLocation.region = region
-    }
+  setLocationRegion (region: Region) {
+    this.manageInitPhysicalLocation()
+    this.result.locations[0].physicalLocation.region = region
+  }
 
-    setLocationArtifactUri (artifactLocation: ArtifactLocation) {
-      this.manageInitPhysicalLocation()
-      this.result.locations[0].physicalLocation.artifactLocation =
+  setLocationArtifactUri (artifactLocation: ArtifactLocation) {
+    this.manageInitPhysicalLocation()
+    this.result.locations[0].physicalLocation.artifactLocation =
             artifactLocation
-    }
+  }
 
-    private manageInitLocation () {
-      if (this.result?.locations?.length) {
-        return
-      }
-      this.result.locations = [{}]
+  private manageInitLocation () {
+    if (this.result?.locations?.length) {
+      return
     }
+    this.result.locations = [{}]
+  }
 
-    private manageInitPhysicalLocation () {
-      this.manageInitLocation()
-      if (this.result?.locations[0].physicalLocation) {
-        return
-      }
-      this.result.locations[0].physicalLocation = {}
+  private manageInitPhysicalLocation () {
+    this.manageInitLocation()
+    if (this.result?.locations[0].physicalLocation) {
+      return
     }
+    this.result.locations[0].physicalLocation = {}
+  }
 }

src/lib/sarif-rule-builder.ts

@@ -11,15 +11,15 @@ import { ReportingDescriptor } from 'sarif'
 export class SarifRuleBuilder {
-    rule: ReportingDescriptor = {
-      id: 'SARIF_BUILDER_INVALID: Please send the rule identifier in id property, or call setRuleId(ruleId)',
-      shortDescription: {
-        text: 'SARIF_BUILDER_INVALID: Please send the rule text in shortDescription.text property, or call setShortDescriptionText(text)'
-      }
-    };
-
-    // Initialize SARIF Run builder
-    constructor (options: SarifRuleOptions = {}) {
-      setOptionValues(options, this.rule)
+  rule: ReportingDescriptor = {
+    id: 'SARIF_BUILDER_INVALID: Please send the rule identifier in id property, or call setRuleId(ruleId)',
+    shortDescription: {
+      text: 'SARIF_BUILDER_INVALID: Please send the rule text in shortDescription.text property, or call setShortDescriptionText(text)'
     }
+  }
 
-    initSimple (options: {
+  // Initialize SARIF Run builder
+  constructor (options: SarifRuleOptions = {}) {
+    setOptionValues(options, this.rule)
+  }
+
+  initSimple (options: {
         ruleId: string;
@@ -30,31 +30,31 @@ shortDescriptionText: string;
     }) {
-      this.setRuleId(options.ruleId)
-      if (options.shortDescriptionText) {
-        this.setShortDescriptionText(options.shortDescriptionText)
-      }
-      if (options.fullDescriptionText) {
-        this.setFullDescriptionText(options.fullDescriptionText)
-      }
-      if (options.helpUri) {
-        this.setHelpUri(options.helpUri)
-      }
-      return this
+    this.setRuleId(options.ruleId)
+    if (options.shortDescriptionText) {
+      this.setShortDescriptionText(options.shortDescriptionText)
     }
-
-    setRuleId (ruleId: string) {
-      this.rule.id = ruleId
+    if (options.fullDescriptionText) {
+      this.setFullDescriptionText(options.fullDescriptionText)
     }
-
-    setShortDescriptionText (shortDescriptionText: string) {
-      this.rule.shortDescription.text = shortDescriptionText
+    if (options.helpUri) {
+      this.setHelpUri(options.helpUri)
     }
+    return this
+  }
 
-    setFullDescriptionText (fullDescriptionText: string) {
-      this.rule.fullDescription = this.rule.fullDescription || { text: '' }
-      this.rule.fullDescription.text = fullDescriptionText
-    }
+  setRuleId (ruleId: string) {
+    this.rule.id = ruleId
+  }
 
-    setHelpUri (url: string) {
-      this.rule.helpUri = url
-    }
+  setShortDescriptionText (shortDescriptionText: string) {
+    this.rule.shortDescription.text = shortDescriptionText
+  }
+
+  setFullDescriptionText (fullDescriptionText: string) {
+    this.rule.fullDescription = this.rule.fullDescription || { text: '' }
+    this.rule.fullDescription.text = fullDescriptionText
+  }
+
+  setHelpUri (url: string) {
+    this.rule.helpUri = url
+  }
 }

src/lib/sarif-run-builder.ts

@@ -11,48 +11,48 @@ import { Run } from 'sarif'
 export class SarifRunBuilder {
-    // Default run value
-    run: Run = {
-      tool: {
-        driver: {
-          name:
+  // Default run value
+  run: Run = {
+    tool: {
+      driver: {
+        name:
                     process.env.npm_package_name ||
                     'SARIF_BUILDER_INVALID: Please send the tool name in tool.driver.name property, or call setToolName(name)',
-          rules: []
-        }
-      },
-      results: []
-    };
+        rules: []
+      }
+    },
+    results: []
+  }
 
-    // Initialize SARIF Run builder
-    constructor (options: SarifRunOptions = {}) {
-      setOptionValues(options, this.run)
-    }
+  // Initialize SARIF Run builder
+  constructor (options: SarifRunOptions = {}) {
+    setOptionValues(options, this.run)
+  }
 
-    initSimple (options: { toolDriverName: string; toolDriverVersion: string, url?: string }) {
-      this.setToolDriverName(options.toolDriverName)
-      this.setToolDriverVersion(options.toolDriverVersion)
-      if (options.url) {
-        this.setToolDriverUri(options.url)
-      }
-      return this
+  initSimple (options: { toolDriverName: string; toolDriverVersion: string, url?: string }) {
+    this.setToolDriverName(options.toolDriverName)
+    this.setToolDriverVersion(options.toolDriverVersion)
+    if (options.url) {
+      this.setToolDriverUri(options.url)
     }
+    return this
+  }
 
-    addRule (sarifRuleBuilder: SarifRuleBuilder) {
-      this.run.tool.driver.rules.push(sarifRuleBuilder.rule)
-    }
+  addRule (sarifRuleBuilder: SarifRuleBuilder) {
+    this.run.tool.driver.rules.push(sarifRuleBuilder.rule)
+  }
 
-    addResult (sarifResultBuilder: SarifResultBuilder) {
-      this.run.results.push(sarifResultBuilder.result)
-    }
+  addResult (sarifResultBuilder: SarifResultBuilder) {
+    this.run.results.push(sarifResultBuilder.result)
+  }
 
-    setToolDriverName (name: string) {
-      this.run.tool.driver.name = name
-    }
+  setToolDriverName (name: string) {
+    this.run.tool.driver.name = name
+  }
 
-    setToolDriverVersion (version: string) {
-      this.run.tool.driver.version = version
-    }
+  setToolDriverVersion (version: string) {
+    this.run.tool.driver.version = version
+  }
 
-    setToolDriverUri (url: string) {
-      this.run.tool.driver.informationUri = url
-    }
+  setToolDriverUri (url: string) {
+    this.run.tool.driver.informationUri = url
+  }
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

306752

increased by0.07%

Lines of code

4812

increased by0.02%

No dependency changes