pre-pr cleanup

pixee · Aug 29, 2023 · 73246c8 · 73246c8
1 parent 0bf61fa
commit 73246c8
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 4 deletions.
diff --git a/...-plugin-semgrep/src/main/java/io/codemodder/providers/sarif/semgrep/SemgrepRuleSarif.java b/...-plugin-semgrep/src/main/java/io/codemodder/providers/sarif/semgrep/SemgrepRuleSarif.java
@@ -58,8 +58,13 @@ public List<Result> getResultsByPath(final Path path) {
     }
     List<Result> results =
         sarif.getRuns().get(0).getResults().stream()
-            // if the semgrep is offline, the rule id will be exactly what we think it should be, if
-            // it's run just-in-time by our code, it will have this weird .<ruleId> suffix
+            /*
+             * The default Semgrep rules have a rule id reported that is what you'd expect. When you run
+             * your own custom rules locally, they'll contain part of the file system path to the rule.
+             *
+             * Because this provides support for both types, we need this check to account for which type
+             * of rule id we're dealing with.
+             */
             .filter(
                 result ->
                     result.getRuleId().endsWith("." + ruleId) || result.getRuleId().equals(ruleId))

diff --git a/...plugin-semgrep/src/test/java/io/codemodder/providers/sarif/semgrep/SemgrepModuleTest.java b/...plugin-semgrep/src/test/java/io/codemodder/providers/sarif/semgrep/SemgrepModuleTest.java
@@ -1,8 +1,7 @@
 package io.codemodder.providers.sarif.semgrep;
 
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.is;
-import static org.hamcrest.Matchers.notNullValue;
+import static org.hamcrest.Matchers.*;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 
 import com.contrastsecurity.sarif.Region;
@@ -250,6 +249,14 @@ void it_works_with_offline_semgrep(@TempDir Path tmpDir) throws IOException {
     assertThat(ruleSarif, is(notNullValue()));
     List<Region> regions = ruleSarif.getRegionsFromResultsByRule(javaFile);
     assertThat(regions.size(), is(1));
+
+    Region region = regions.get(0);
+    assertThat(region.getStartLine(), equalTo(91));
+    assertThat(region.getStartColumn(), equalTo(7));
+    assertThat(
+        ruleSarif.getRule(),
+        equalTo("java.lang.security.audit.unsafe-reflection.unsafe-reflection"));
+    assertThat(ruleSarif.getDriver(), equalTo("semgrep"));
   }
 
   @Codemod(