-
Notifications
You must be signed in to change notification settings - Fork 10
Expand file tree
/
Copy pathtest_sarif_processing.py
More file actions
59 lines (48 loc) · 1.92 KB
/
Copy pathtest_sarif_processing.py
File metadata and controls
59 lines (48 loc) · 1.92 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
from codemodder.sarifs import extract_rule_id
from codemodder.sarifs import results_by_path_and_rule_id
from pathlib import Path
import subprocess
import json
class TestSarifProcessing:
def test_extract_rule_id_codeql(self):
sarif_file = Path("tests") / "samples" / "webgoat_v8.2.0_codeql.sarif"
with open(sarif_file, "r", encoding="utf-8") as f:
data = json.load(f)
sarif_run = data["runs"][0]
result = sarif_run["results"][0]
rule_id = extract_rule_id(result, sarif_run)
assert rule_id == "java/ssrf"
def test_extract_rule_id_semgrep(self):
sarif_file = Path("tests") / "samples" / "semgrep.sarif"
with open(sarif_file, "r", encoding="utf-8") as f:
data = json.load(f)
sarif_run = data["runs"][0]
result = sarif_run["results"][0]
rule_id = extract_rule_id(result, sarif_run)
assert rule_id == "secure-random"
def test_results_by_path_and_rule_id(self):
sarif_file = Path("tests") / "samples" / "semgrep.sarif"
results = results_by_path_and_rule_id(sarif_file)
expected_path = "tests/samples/insecure_random.py"
assert list(results.keys()) == [expected_path]
expected_rule = "secure-random"
rule_in_path = next(iter(results[expected_path].keys()))
assert expected_rule == rule_in_path
def test_codeql_sarif_input(self, tmpdir):
completed_process = subprocess.run(
[
"python",
"-m",
"codemodder",
"tests/samples/",
"--sarif",
"tests/samples/webgoat_v8.2.0_codeql.sarif",
"--output",
tmpdir / "doesntmatter.txt",
"--codemod-include",
"secure-random",
"--dry-run",
],
check=False,
)
assert completed_process.returncode == 0