
Commit adfb0ff

committed
feat: Improve severity mapping and enhance result handling in CodeQLService
1 parent cb96ab1 commit adfb0ff


1 file changed

+23
-7
lines changed


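--- a/src/services/codeqlService.ts
+++ b/src/services/codeqlService.ts
@@ -249,7 +249,7 @@ export class CodeQLService {
 );
 
 const results = this.convertAlertsToResults(alerts);
-
+
 // Notify UI immediately when remote results are available
 if (this.resultsCallback && results.length > 0) {
 this.resultsCallback(results);
@@ -1006,7 +1006,9 @@ export class CodeQLService {
 const rule = rules.find((r: any) => r.id === result.ruleId);
 // Use sub-severity from rules if available, otherwise map severity
 const severity =
-rule?.properties?.["sub-severity"] || this.mapSeverity(result.level);
+this.mapSeverity(
+rule?.properties?.["security-severity"] || result.level
+) || "medium";
 
 const location = result.locations[0];
 const physicalLocation = location.physicalLocation;
@@ -1077,7 +1079,21 @@ export class CodeQLService {
 return results;
 }
 
-private mapSeverity(level?: string): string {
+private mapSeverity(level?: string): string | null {
+if (!level) return null;
+
+try {
+// Try and parse level as a number if it's a string
+const parseLevel = parseFloat(level);
+// Bit of a hack
+if (parseLevel >= 9.0) return "critical";
+else if (parseLevel >= 7.0) return "high";
+else if (parseLevel >= 5.0) return "medium";
+else if (parseLevel >= 3.0) return "low";
+else return "info";
+} catch (error) {}
+
+// Check if the level is a float
 switch (level?.toLowerCase()) {
 case "critical":
 return "critical";
@@ -1089,7 +1105,7 @@ export class CodeQLService {
 case "info":
 return "low";
 default:
-return "medium";
+return "info";
 }
 }
 
@@ -1159,7 +1175,7 @@ export class CodeQLService {
 language
 );
 allResults.push(...results);
-
+
 // Notify UI immediately when SARIF results are loaded
 if (this.resultsCallback && results.length > 0) {
 this.resultsCallback([...allResults]); // Send a copy of all results so far
@@ -1213,7 +1229,7 @@ export class CodeQLService {
 language
 );
 allResults.push(...results);
-
+
 // Notify UI immediately when SARIF results are loaded
 if (this.resultsCallback && results.length > 0) {
 this.resultsCallback([...allResults]); // Send a copy of all results so far
@@ -1245,7 +1261,7 @@ export class CodeQLService {
 language
 );
 allResults.push(...results);
-
+
 // Notify UI immediately when SARIF results are loaded
 if (this.resultsCallback && results.length > 0) {
 this.resultsCallback([...allResults]); // Send a copy of all results so far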
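Review bot: The new numeric branch in mapSeverity (lines 1085-1094) makes the switch below it unreachable: parseFloat never throws, and for a non-numeric level such as "critical", "error" or "warning" it returns NaN, every `>=` comparison against NaN is false, so the trailing `else return "info"` fires before the switch is ever consulted, and the try/catch is dead code. Guard on `Number.isNaN` and only return from the numeric path when the string really parsed as a score (rewrite below); mapSeverity's body continues into the next hunk, where its closing brace and the `default` case live. The comment at 1007 still says "sub-severity" while the code now reads `security-severity`, and the `|| "medium"` fallback at 1011 disagrees with the switch's new `default: return "info"`, so a missing level and an unrecognised level land in different buckets — pick one default and document it. If the thresholds are meant to follow GitHub code scanning's CVSS bands, I believe medium there starts at 4.0 rather than 5.0; worth confirming before alerts are bucketed downward.
```typescript
private mapSeverity(level?: string): string | null {
  if (!level) return null;

  // "security-severity" is a numeric score string; parseFloat returns NaN
  // (never throws) for non-numeric input, so branch on that instead of try/catch.
  const score = parseFloat(level);
  if (!Number.isNaN(score)) {
    if (score >= 9.0) return "critical";
    if (score >= 7.0) return "high";
    if (score >= 5.0) return "medium";
    if (score >= 3.0) return "low";
    return "info";
  }

  // Non-numeric input: fall through to the named-level mapping.
  // … unchanged: switch (level.toLowerCase()) … 
```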
