Added argument can now be a list of arguments for list formatting
Artifact lines can now be omitted to show entire file
This commit is contained in:
parent
887fb71a27
commit
ca6fee127c
@ -217,11 +217,11 @@ from typing import TypedDict
|
|||||||
|
|
||||||
class Artifact(TypedDict):
|
class Artifact(TypedDict):
|
||||||
file: str
|
file: str
|
||||||
lines: list[int]
|
lines: NotRequired[list[int]]
|
||||||
|
|
||||||
class SecurityRule(TypedDict):
|
class SecurityRule(TypedDict):
|
||||||
status: str
|
status: str
|
||||||
argument: str
|
argument: str | list[str]
|
||||||
artifacts: NotRequired[list[Artifact]]
|
artifacts: NotRequired[list[Artifact]]
|
||||||
|
|
||||||
rule_schema = yaml.safe_load("""type: object
|
rule_schema = yaml.safe_load("""type: object
|
||||||
@ -238,10 +238,17 @@ properties:
|
|||||||
- not applicable
|
- not applicable
|
||||||
- unknown
|
- unknown
|
||||||
argument:
|
argument:
|
||||||
|
anyOf:
|
||||||
|
- type: string
|
||||||
|
- type: array
|
||||||
|
items:
|
||||||
type: string
|
type: string
|
||||||
artifacts:
|
artifacts:
|
||||||
type: array
|
type: array
|
||||||
items:
|
items:
|
||||||
|
additionalProperties: no
|
||||||
|
required:
|
||||||
|
- file
|
||||||
type: object
|
type: object
|
||||||
properties:
|
properties:
|
||||||
file:
|
file:
|
||||||
@ -300,16 +307,21 @@ def artifact_to_string(info: ModelInformation, artifact: Artifact):
|
|||||||
file = Path(artifact['file'])
|
file = Path(artifact['file'])
|
||||||
filename = file.name
|
filename = file.name
|
||||||
file_url = f"https://github.com/{info['slug']}/blob/{info.get('branch', 'master')}/{artifact['file']}"
|
file_url = f"https://github.com/{info['slug']}/blob/{info.get('branch', 'master')}/{artifact['file']}"
|
||||||
return f"- {filename}: Line{'s'[:len(artifact['lines'])^1]}: {', '.join(f'[{line}]({file_url}#L{line})' for line in artifact['lines'])}"
|
lines = artifact.get("lines")
|
||||||
|
if lines is None:
|
||||||
|
return f"- {filename}: [File]({file_url})"
|
||||||
|
return f"- {filename}: Line{'s'[:len(lines)^1]}: {', '.join(f'[{line}]({file_url}#L{line})' for line in lines)}"
|
||||||
|
|
||||||
|
|
||||||
def rule_to_string(info: ModelInformation, id: int, rule: SecurityRule | None):
|
def rule_to_string(info: ModelInformation, id: int, rule: SecurityRule | None):
|
||||||
if rule is None:
|
if rule is None:
|
||||||
# warning(f"Rule {id} is missing!") # TODO Enable warning
|
warning(f"Rule {id} is missing!")
|
||||||
return ""
|
return ""
|
||||||
|
argument = rule['argument']
|
||||||
|
argument = argument if isinstance(argument, str) else "".join(f"\n1. {arg}" for arg in argument)
|
||||||
text = f"""#### Rule {id}: {rule_names[id]}
|
text = f"""#### Rule {id}: {rule_names[id]}
|
||||||
|
|
||||||
This rule is {rule['status']}: {rule['argument']}"""
|
This rule is {rule['status']}: {argument}"""
|
||||||
artifacts = rule.get("artifacts", [])
|
artifacts = rule.get("artifacts", [])
|
||||||
if len(artifacts) > 0:
|
if len(artifacts) > 0:
|
||||||
text = text + f"""
|
text = text + f"""
|
||||||
|
@ -16,33 +16,24 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"argument": {
|
"argument": {
|
||||||
"type": "string"
|
"anyOf": [
|
||||||
|
{ "type": "string" },
|
||||||
|
{ "type": "array", "items": { "type": "string" } }
|
||||||
|
]
|
||||||
},
|
},
|
||||||
"artifacts": {
|
"artifacts": {
|
||||||
"type": "array",
|
"type": "array",
|
||||||
"items": [
|
"items": {
|
||||||
{
|
|
||||||
"type": "object",
|
"type": "object",
|
||||||
"additionalProperties": false,
|
"additionalProperties": false,
|
||||||
"properties": {
|
"properties": {
|
||||||
"file": {
|
"file": { "type": "string" },
|
||||||
"type": "string"
|
"lines": { "type": "array", "items": { "type": "integer" } }
|
||||||
},
|
|
||||||
"lines": {
|
|
||||||
"type": "array",
|
|
||||||
"items": [
|
|
||||||
{
|
|
||||||
"type": "integer"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
},
|
},
|
||||||
"required": [
|
"required": [
|
||||||
"file",
|
"file"
|
||||||
"lines"
|
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
]
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"required": [
|
"required": [
|
||||||
|
Loading…
Reference in New Issue
Block a user