Issue checkstyle#8905: Add basic SARIF support

martin-mfg · Apr 29, 2021 · 63e3709 · 63e3709
1 parent 01b18d1
commit 63e3709
Show file tree

Hide file tree

Showing 22 changed files with 1,089 additions and 18 deletions.
diff --git a/.ci/jsoref-spellchecker/whitelist.words b/.ci/jsoref-spellchecker/whitelist.words
@@ -91,6 +91,7 @@ avoidstarimport
 avoidstaticimport
 aws
 awt
+azurewebsites
 backend
 backport
 Backquote
@@ -491,6 +492,7 @@ gradlew
 Grenner
 grep
 grepped
+groupon
 grp
 Gsp
 GString
@@ -535,6 +537,7 @@ icu
 identifiernames
 Idref
 idx
+ietf
 Igno
 IGNORETHIS
 igorminar
@@ -1066,6 +1069,7 @@ Rethrown
 returncount
 reviewdog
 revwalk
+rfc
 rfe
 rga
 Rgb
@@ -1093,6 +1097,8 @@ rw
 rx
 sabaka
 Sameline
+sariflogger
+sarifweb
 Savinov
 saxonica
 sbe
@@ -1297,7 +1303,7 @@ utf
 UUID
 UWF
 uxxxx
-Validator
+validator
 VALUEEEE
 vararg
 variabledeclarationusagedistance

diff --git a/config/pmd.xml b/config/pmd.xml
@@ -184,6 +184,9 @@
       <!-- Annotations like '@SuppressWarnings' don't need to be checked, it is better to keep their
              strings connected to the annotation instead of separating. -->
       <property name="skipAnnotations" value="true"/>
+      <!-- Keeping the duplicated strings maintains readability -->
+      <property name="violationSuppressXPath"
+                value="//ClassOrInterfaceDeclaration[@SimpleName='SarifLogger']"/>
     </properties>
   </rule>
   <rule ref="category/java/errorprone.xml/EmptyCatchBlock">
@@ -266,16 +269,17 @@
              are big and should not be split without a good reason.
            The methods visitToken/leaveToken are a big SWITCH block with a number of IF blocks.
              If we split the block to several methods it will damage the readability.
-           XMLLogger.encode, FallThroughCheck.isTerminated, ElementNode.iterateAxis,
-             NoWhitespaceAfterCheck.getArrayDeclaratorPreviousElement are also huge switches,
-             they has to be monolithic.
+           XMLLogger.encode, SarifLogger.escape, FallThroughCheck.isTerminated,
+             ElementNode.iterateAxis, NoWhitespaceAfterCheck.getArrayDeclaratorPreviousElement
+             are also huge switches, they has to be monolithic.
            SuppressFilterElement is a single constructor and can't be split easily -->
       <property name="violationSuppressXPath"
                 value="//ClassOrInterfaceDeclaration[@SimpleName='Main'
         or @SimpleName='PackageObjectFactory' or @SimpleName='RequireThisCheck'
         or @SimpleName='VariableDeclarationUsageDistanceCheck'
         or @SimpleName='HandlerFactory']
       | //ClassOrInterfaceDeclaration[@SimpleName='XMLLogger']//MethodDeclaration[@Name='encode']
+      | //ClassOrInterfaceDeclaration[@SimpleName='SarifLogger']//MethodDeclaration[@Name='escape']
       | //ClassOrInterfaceDeclaration[@SimpleName='LeftCurlyCheck'
         or @SimpleName='FinalLocalVariableCheck'
         or @SimpleName='NPathComplexityCheck']

diff --git a/config/sevntu_suppressions.xml b/config/sevntu_suppressions.xml
@@ -8,7 +8,7 @@
 
   <!-- Fixing these cases will decrease code readability -->
   <suppress checks="MultipleStringLiteralsExtended"
-             files="JavadocStyleCheck\.java|XMLLogger\.java"/>
+             files="JavadocStyleCheck\.java|XMLLogger\.java|SarifLogger\.java"/>
   <suppress checks="MultipleStringLiteralsExtended"
              files=".*[\\/]src[\\/](test|it)[\\/]"/>
   <!-- ParseTreeBuilder is generated, to keep ease of generation violations are suppressed -->

diff --git a/config/suppressions.xml b/config/suppressions.xml
@@ -57,7 +57,7 @@
               |AbbreviationAsWordInNameCheckTest\.java)"/>
 
   <!-- Fixing these cases will decrease code readability -->
-  <suppress checks="MultipleStringLiterals" files="JavadocStyleCheck\.java|XMLLogger\.java"/>
+  <suppress checks="MultipleStringLiterals" files="JavadocStyleCheck\.java|XMLLogger\.java|SarifLogger\.java"/>
 
   <!-- There are a lot of setters/getters in the Check.
      A small number of methods is left for Check's logic -->

diff --git a/pom.xml b/pom.xml
@@ -1588,6 +1588,31 @@
         <artifactId>nondex-maven-plugin</artifactId>
         <version>1.1.2</version>
       </plugin>
+
+      <plugin>
+        <groupId>com.groupon.maven.plugin.json</groupId>
+        <artifactId>json-schema-validator</artifactId>
+        <version>1.2.0</version>
+        <executions>
+          <execution>
+            <phase>verify</phase>
+            <goals>
+              <goal>validate</goal>
+            </goals>
+          </execution>
+        </executions>
+        <configuration>
+          <validations>
+            <validation>
+              <directory>${basedir}/src/test/resources/com/puppycrawl/tools/checkstyle/sariflogger</directory>
+              <jsonSchema>https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json</jsonSchema>
+              <includes>
+                <include>**/*.sarif</include>
+              </includes>
+            </validation>
+          </validations>
+        </configuration>
+      </plugin>
     </plugins>
   </build>
 
@@ -2821,6 +2846,7 @@
                 <param>com.puppycrawl.tools.checkstyle.DefaultLogger*</param>
                 <param>com.puppycrawl.tools.checkstyle.Definitions*</param>
                 <param>com.puppycrawl.tools.checkstyle.XMLLogger*</param>
+                <param>com.puppycrawl.tools.checkstyle.SarifLogger*</param>
                 <param>com.puppycrawl.tools.checkstyle.PackageObjectFactory*</param>
                 <param>com.puppycrawl.tools.checkstyle.PropertiesExpander*</param>
                 <param>com.puppycrawl.tools.checkstyle.PropertyCacheFile*</param>
@@ -2843,6 +2869,7 @@
                 <param>com.puppycrawl.tools.checkstyle.DefaultLoggerTest</param>
                 <param>com.puppycrawl.tools.checkstyle.DefinitionsTest</param>
                 <param>com.puppycrawl.tools.checkstyle.XMLLoggerTest</param>
+                <param>com.puppycrawl.tools.checkstyle.SarifLoggerTest</param>
                 <param>com.puppycrawl.tools.checkstyle.PackageObjectFactoryTest</param>
                 <param>com.puppycrawl.tools.checkstyle.PropertiesExpanderTest</param>
                 <param>com.puppycrawl.tools.checkstyle.PropertyCacheFileTest</param>

diff --git a/src/main/java/com/puppycrawl/tools/checkstyle/Main.java b/src/main/java/com/puppycrawl/tools/checkstyle/Main.java
@@ -542,6 +542,8 @@ private static AutomaticBean.OutputStreamOptions getOutputStreamOptions(Path out
     enum OutputFormat {
         /** XML output format. */
         XML,
+        /** SARIF output format. */
+        SARIF,
         /** Plain output format. */
         PLAIN;
 
@@ -551,13 +553,18 @@ enum OutputFormat {
          * @param out the output stream
          * @param options the output stream options
          * @return a new AuditListener for this OutputFormat
+         * @throws IOException if there is any IO exception during logger initialization
          */
-        public AuditListener createListener(OutputStream out,
-                                            AutomaticBean.OutputStreamOptions options) {
+        public AuditListener createListener(
+            OutputStream out,
+            AutomaticBean.OutputStreamOptions options) throws IOException {
             final AuditListener result;
             if (this == XML) {
                 result = new XMLLogger(out, options);
             }
+            else if (this == SARIF) {
+                result = new SarifLogger(out, options);
+            }
             else {
                 result = new DefaultLogger(out, options);
             }
@@ -697,8 +704,8 @@ private static class CliOptions {
          */
         @Option(names = "-f",
                 description = "Specifies the output format. Valid values: "
-                + "${COMPLETION-CANDIDATES} for XMLLogger and DefaultLogger respectively. "
-                + "Defaults to ${DEFAULT-VALUE}.")
+                + "${COMPLETION-CANDIDATES} for XMLLogger, SarifLogger, "
+                + "and DefaultLogger respectively. Defaults to ${DEFAULT-VALUE}.")
         private OutputFormat format = DEFAULT_OUTPUT_FORMAT;
 
         /** Option that controls whether to print the AST of the file. */