Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Tool.Extensions property & Fix and include v2 tests in makefile #78

Merged
merged 12 commits into from
Jul 3, 2024
Merged

Support Tool.Extensions property & Fix and include v2 tests in makefile #78

merged 12 commits into from
Jul 3, 2024

Conversation

kaiwenleee
Copy link

@kaiwenleee kaiwenleee commented Jun 19, 2024
edited
Loading

📑 Description

Support Tool.Extensions property, whose value is an array of toolComponent objects. See https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/os/sarif-v2.1.0-errata01-os-complete.html#_Toc141790782

Example:

{                          # A tool object.
  "driver": {              # See §3.18.2.
    "name": "CodeScanner",
    "fullName": "CodeScanner 1.1, Developer Preview (en-US)",
    "semanticVersion": "1.1.2-beta.12",
    "version": "1.1.2b12",
    ...
  },
  "extensions": [          # See §3.18.3.
    {
      "name": "CodeScanner Security Rules",
      "version": "3.1",
      ...
    }
  ]
}

Also:

  • Added a test case for tool.extensions.
  • Updated v2 report_stage_test. Now it's actually testing v2 sarif reports.
  • Fixed v2 tests that failed.
  • Updated makefile to also run v2 tests.

✅ Checks

  • My pull request adheres to the code style of this project
  • My code requires changes to the documentation
  • I have updated the documentation as required
  • All the tests have passed

ℹ Additional Information

@kaiwenleee kaiwenleee changed the title Support Tool.Extensions property Support Tool.Extensions property & Fix and include v2 tests in makefile Jun 21, 2024
owenrumney
owenrumney requested changes Jul 2, 2024
View reviewed changes
Copy link
Owner

@owenrumney owenrumney left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey - thanks for this, looks like the switched from master to main so the link changed to https://raw.githubusercontent.com/oasis-tcs/sarif-spec/main/sarif-2.1/schema/sarif-schema-2.1.0.json

I'll update the other ones in another PR

v2/test/report_test.go Outdated Show resolved Hide resolved
v2/test/report_test.go Outdated Show resolved Hide resolved
v2/test/report_test.go Outdated Show resolved Hide resolved
v2/test/report_test.go Outdated Show resolved Hide resolved
v2/test/report_test.go Outdated Show resolved Hide resolved
v2/test/report_test.go Outdated Show resolved Hide resolved
v2/test/report_test.go Outdated Show resolved Hide resolved
v2/test/report_test.go Outdated Show resolved Hide resolved
@owenrumney owenrumney merged commit 07358e7 into owenrumney:main Jul 3, 2024
1 check passed
another-rex referenced this pull request in google/osv-scanner Jul 8, 2024
@renovate-bot @another-rex
fix(deps): update osv-scanner minor (#1102)
2eaea73 
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence | Type |
Update |
|---|---|---|---|---|---|---|---|
| [deps.dev/api/v3](https://togithub.com/google/deps.dev) |
`v3.0.0-20240617015216-b147e04533eb` ->
`v3.0.0-20240701054435-542fb1833d6b` |
[![age](https://developer.mend.io/api/mc/badges/age/go/deps.dev%2fapi%2fv3/v3.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/deps.dev%2fapi%2fv3/v3.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/deps.dev%2fapi%2fv3/v3.0.0-20240617015216-b147e04533eb/v3.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/deps.dev%2fapi%2fv3/v3.0.0-20240617015216-b147e04533eb/v3.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| require | patch |
| [deps.dev/util/maven](https://togithub.com/google/deps.dev) |
`b147e04` -> `542fb18` |
[![age](https://developer.mend.io/api/mc/badges/age/go/deps.dev%2futil%2fmaven/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/deps.dev%2futil%2fmaven/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/deps.dev%2futil%2fmaven/v0.0.0-20240617015216-b147e04533eb/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/deps.dev%2futil%2fmaven/v0.0.0-20240617015216-b147e04533eb/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| require | digest |
| [deps.dev/util/resolve](https://togithub.com/google/deps.dev) |
`b147e04` -> `542fb18` |
[![age](https://developer.mend.io/api/mc/badges/age/go/deps.dev%2futil%2fresolve/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/deps.dev%2futil%2fresolve/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/deps.dev%2futil%2fresolve/v0.0.0-20240617015216-b147e04533eb/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/deps.dev%2futil%2fresolve/v0.0.0-20240617015216-b147e04533eb/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| require | digest |
| [deps.dev/util/semver](https://togithub.com/google/deps.dev) |
`b147e04` -> `542fb18` |
[![age](https://developer.mend.io/api/mc/badges/age/go/deps.dev%2futil%2fsemver/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/deps.dev%2futil%2fsemver/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/deps.dev%2futil%2fsemver/v0.0.0-20240617015216-b147e04533eb/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/deps.dev%2futil%2fsemver/v0.0.0-20240617015216-b147e04533eb/v0.0.0-20240701054435-542fb1833d6b?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| require | digest |
|
[github.com/owenrumney/go-sarif/v2](https://togithub.com/owenrumney/go-sarif)
| `v2.3.1` -> `v2.3.2` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fowenrumney%2fgo-sarif%2fv2/v2.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fowenrumney%2fgo-sarif%2fv2/v2.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fowenrumney%2fgo-sarif%2fv2/v2.3.1/v2.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fowenrumney%2fgo-sarif%2fv2/v2.3.1/v2.3.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| require | patch |
| golang.org/x/exp | `7f521ea` -> `46b0784` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20240707233637-46b078467d37?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20240707233637-46b078467d37?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20240613232115-7f521ea00fb8/v0.0.0-20240707233637-46b078467d37?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20240613232115-7f521ea00fb8/v0.0.0-20240707233637-46b078467d37?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| require | digest |
| golang.org/x/mod | `v0.18.0` -> `v0.19.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fmod/v0.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fmod/v0.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fmod/v0.18.0/v0.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fmod/v0.18.0/v0.19.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| golang.org/x/term | `v0.21.0` -> `v0.22.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fterm/v0.22.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fterm/v0.22.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fterm/v0.21.0/v0.22.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fterm/v0.21.0/v0.22.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [google.golang.org/grpc](https://togithub.com/grpc/grpc-go) |
`v1.64.0` -> `v1.65.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fgrpc/v1.65.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fgrpc/v1.65.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fgrpc/v1.64.0/v1.65.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fgrpc/v1.64.0/v1.65.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |

---

### Release Notes

<details>
<summary>owenrumney/go-sarif
(github.com/owenrumney/go-sarif/v2)</summary>

###
[`v2.3.2`](https://togithub.com/owenrumney/go-sarif/releases/tag/v2.3.2)

[Compare
Source](https://togithub.com/owenrumney/go-sarif/compare/v2.3.1...v2.3.2)

#### What's Changed

- Support Tool.Extensions property & Fix and include v2 tests in
makefile by [@&#8203;kaiwenleee](https://togithub.com/kaiwenleee) in
[https://github.com/owenrumney/go-sarif/pull/78](https://togithub.com/owenrumney/go-sarif/pull/78)

#### New Contributors

- [@&#8203;kaiwenleee](https://togithub.com/kaiwenleee) made their first
contribution in
[https://github.com/owenrumney/go-sarif/pull/78](https://togithub.com/owenrumney/go-sarif/pull/78)

**Full Changelog**:
owenrumney/go-sarif@v2.3.1...v2.3.2

</details>

<details>
<summary>grpc/grpc-go (google.golang.org/grpc)</summary>

### [`v1.65.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.65.0):
Release 1.65.0

[Compare
Source](https://togithub.com/grpc/grpc-go/compare/v1.64.1...v1.65.0)

### Dependencies

- Change support policy to cover only the latest TWO releases of Go,
matching the policy for Go itself. See
[#&#8203;7249](https://togithub.com/grpc/grpc-go/issues/7249) for more
information.
([#&#8203;7250](https://togithub.com/grpc/grpc-go/issues/7250))
- Update x/net/http2 to address
[CVE-2023-45288](https://nvd.nist.gov/vuln/detail/CVE-2023-45288)
([#&#8203;7282](https://togithub.com/grpc/grpc-go/issues/7282))

### Behavior Changes

- credentials/tls: clients and servers will now reject connections that
don't support ALPN when environment variable `GRPC_ENFORCE_ALPN_ENABLED`
is set to "true" (case insensitive).
([#&#8203;7184](https://togithub.com/grpc/grpc-go/issues/7184))
    -   NOTE: this behavior will become the default in a future release.
- metadata: remove String method from MD to make printing more
consistent
([#&#8203;7373](https://togithub.com/grpc/grpc-go/issues/7373))

### New Features

- grpc: add `WithMaxCallAttempts` to configure gRPC's retry behavior
per-channel.
([#&#8203;7229](https://togithub.com/grpc/grpc-go/issues/7229))
- Special Thanks: [@&#8203;imoore76](https://togithub.com/imoore76)

### Bug Fixes

- ringhash: properly apply endpoint weights instead of ignoring them
([#&#8203;7156](https://togithub.com/grpc/grpc-go/issues/7156))
- xds: fix a bug that could cause xds-enabled servers to stop accepting
new connections after handshaking errors
([#&#8203;7128](https://togithub.com/grpc/grpc-go/issues/7128))
    -   Special Thanks: [@&#8203;bozaro](https://togithub.com/bozaro)

### [`v1.64.1`](https://togithub.com/grpc/grpc-go/releases/tag/v1.64.1):
Release 1.64.1

[Compare
Source](https://togithub.com/grpc/grpc-go/compare/v1.64.0...v1.64.1)

### Dependencies

- Update x/net/http2 to address
[CVE-2023-45288](https://nvd.nist.gov/vuln/detail/CVE-2023-45288)
([#&#8203;7352](https://togithub.com/grpc/grpc-go/issues/7352))
- metadata: remove String method from MD to make printing consistent
([#&#8203;7374](https://togithub.com/grpc/grpc-go/issues/7374))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv-scanner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MjEuOSIsInVwZGF0ZWRJblZlciI6IjM3LjQyMS45IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->

---------

Co-authored-by: Rex P <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@owenrumney owenrumney owenrumney approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kaiwenleee @owenrumney