@clavedeluna
Contributor

We need to gather as much finding metadata as possible. Implemented finding_msg for codeql; remaining tools are left as TODO.

return result_set


# TODO: cache, make hashable
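
Review bot: the `# TODO: cache, make hashable` comment does not say what should be cached or which inputs need to become hashable. Name them in the comment, or point it at a tracking issue, so the follow-up is not lost.
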
Contributor Author

I don't have a ton of bandwidth, so I left it as a TODO. Since we're passing a dict of lists and some other unhashable data here, it's not super fast to do, but we should do it at some point.

@sonarqubecloud

sonarqubecloud bot commented Dec 3, 2024

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Member

@drdavella left a comment

@clavedeluna I believe the need for this metadata exists not at the finding level but at the rule level. It's possible that we should expose this at the level of SarifResultSet as a mapping between rule IDs and metadata.

@clavedeluna closed this Dec 4, 2024
auto-merge was automatically disabled December 4, 2024 20:42

Pull request was closed
