added support for severities coming from duncan branch kpc-hacks-for-demo

Author: kendrickcurtis

.gitignore

@@ -27,6 +27,7 @@ go.work.sum
 # Codacy CLI 
 cli-v2
 codacy-cli
+codacy-cli-v2
 **/.codacy/logs/
 
 

cmd/analyze.go

@@ -436,7 +436,24 @@ func runTool(workDirectory string, toolName string, pathsToCheck []string, outpu
 		isToolInstalled = true
 	}
 
-	if tool == nil || !isToolInstalled {
+	// Special handling for license-sim: always treat as installed and configured
+	if toolName == "license-sim" {
+		// Ensure tool is loaded even if not in config
+		if tool == nil {
+			// Add license-sim to config if not present
+			err := config.Config.AddToolWithDefaultVersion(toolName)
+			if err != nil {
+				return fmt.Errorf("failed to add license-sim to configuration: %w", err)
+			}
+			tool = config.Config.Tools()[toolName]
+		}
+		isToolInstalled = true // Always treat license-sim as installed
+	}
+
+	// Skip installation for @local tools (version == "local")
+	shouldSkipInstallation := tool != nil && tool.Version == "local"
+
+	if (tool == nil || !isToolInstalled) && !shouldSkipInstallation {
 		if tool == nil {
 			fmt.Println("Tool configuration not found, adding and installing...")
 		}

utils/sarif.go

@@ -283,47 +283,114 @@ func FilterRulesFromSarif(sarifData []byte) ([]byte, error) {
 // Adjust fields as needed based on actual license-sim JSON output
 // Example fields: File, Function, License, Similarity, etc.
 type LicenseSimIssue struct {
-	FilePath   string  `json:"file_path"`
-	Function   string  `json:"function_name"`
-	License    string  `json:"license_type"`
-	Similarity float64 `json:"similarity"`
-	Line       int     `json:"line"`
-	Message    string  `json:"message"`
+	FilePath        string  `json:"file_path"`
+	Function        string  `json:"function_name"`
+	License         string  `json:"license_type"`
+	Similarity      float64 `json:"similarity"`
+	Line            int     `json:"line"`
+	Message         string  `json:"message"`
+	SeverityLevel   string  `json:"severity_level"`
+	EnhancedMessage string  `json:"enhanced_message"`
 }
 
-// ConvertLicenseSimToSarif converts license-sim JSON output to SARIF format
-func ConvertLicenseSimToSarifWithFile(licenseSimOutput []byte, scannedFile string) []byte {
+// parseLicenseSimInput parses the license-sim JSON output into issues
+func parseLicenseSimInput(licenseSimOutput []byte) ([]LicenseSimIssue, error) {
 	var issues []LicenseSimIssue
 
 	// Try to unmarshal as {"results": [...]}
 	var wrapper struct {
 		Results []LicenseSimIssue `json:"results"`
 	}
 	if err := json.Unmarshal(licenseSimOutput, &wrapper); err == nil && len(wrapper.Results) > 0 {
-		issues = wrapper.Results
-	} else {
-		// Fallback: try to unmarshal as a flat array
-		if err := json.Unmarshal(licenseSimOutput, &issues); err != nil {
-			fmt.Fprintf(os.Stderr, "[DEBUG] LicenseSimToSarif: failed to parse input as array or results wrapper: %v\nRaw input: %s\n", err, string(licenseSimOutput))
-			return createEmptySarifReport()
-		}
+		return wrapper.Results, nil
 	}
 
-	if scannedFile == "" {
-		// Try to detect the scanned file from the input (first issue's file_path or fallback)
-		if len(issues) > 0 {
-			for _, issue := range issues {
-				if !strings.HasPrefix(issue.FilePath, "../") && issue.FilePath != "" {
-					scannedFile = issue.FilePath
-					break
-				}
+	// Fallback: try to unmarshal as a flat array
+	if err := json.Unmarshal(licenseSimOutput, &issues); err != nil {
+		return nil, fmt.Errorf("failed to parse input: %w", err)
+	}
+	return issues, nil
+}
+
+// determineScannedFile determines the scanned file name from issues or uses fallback
+func determineScannedFile(issues []LicenseSimIssue, scannedFile string) string {
+	if scannedFile != "" {
+		return scannedFile
+	}
+
+	// Try to detect the scanned file from the input (first issue's file_path or fallback)
+	if len(issues) > 0 {
+		for _, issue := range issues {
+			if !strings.HasPrefix(issue.FilePath, "../") && issue.FilePath != "" {
+				return issue.FilePath
 			}
 		}
-		if scannedFile == "" {
-			scannedFile = "license-sim-test.php" // fallback, ideally should be passed in
+	}
+	return "license-sim-test.php" // fallback
+}
+
+// processLicenseSimIssue converts a single license-sim issue to a SARIF result
+func processLicenseSimIssue(issue LicenseSimIssue, scannedFile string) *Result {
+	ruleId := issue.License
+	if ruleId == "" {
+		ruleId = "license-sim-match"
+	}
+
+	// Use severity level and message from license-sim if available
+	level := issue.SeverityLevel
+	if level == "" {
+		// Fallback to note if not provided
+		level = "note"
+	}
+
+	message := issue.EnhancedMessage
+	if message == "" {
+		// Fallback to basic message if enhanced message not available
+		percent := int(issue.Similarity * 100)
+		if issue.FilePath != "" {
+			message = fmt.Sprintf("code similar to licensed code (%d%%) in %s", percent, issue.FilePath)
+		} else {
+			message = fmt.Sprintf("code similar to licensed code (%d%%)", percent)
 		}
 	}
 
+	startLine := issue.Line
+	if startLine <= 0 {
+		startLine = 1
+	}
+	endLine := startLine
+	if endLine <= 0 {
+		endLine = startLine
+	}
+
+	return &Result{
+		RuleID:  ruleId,
+		Level:   level,
+		Message: MessageText{Text: message},
+		Locations: []Location{
+			{
+				PhysicalLocation: PhysicalLocation{
+					ArtifactLocation: ArtifactLocation{URI: scannedFile},
+					Region: Region{
+						StartLine: startLine,
+						EndLine:   endLine,
+					},
+				},
+			},
+		},
+	}
+}
+
+// ConvertLicenseSimToSarif converts license-sim JSON output to SARIF format
+func ConvertLicenseSimToSarifWithFile(licenseSimOutput []byte, scannedFile string) []byte {
+	issues, err := parseLicenseSimInput(licenseSimOutput)
+	if err != nil {
+		fmt.Fprintf(os.Stderr, "[DEBUG] LicenseSimToSarif: %v\nRaw input: %s\n", err, string(licenseSimOutput))
+		return createEmptySarifReport()
+	}
+
+	scannedFile = determineScannedFile(issues, scannedFile)
+
 	sarifReport := SarifReport{
 		Version: "2.1.0",
 		Schema:  "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
@@ -342,44 +409,9 @@ func ConvertLicenseSimToSarifWithFile(licenseSimOutput []byte, scannedFile strin
 	}
 
 	for _, issue := range issues {
-		ruleId := issue.License
-		if ruleId == "" {
-			ruleId = "license-sim-match"
-		}
-		// Compose message with similarity score and reference file if available
-		percent := int(issue.Similarity * 100)
-		msg := issue.Message
-		if msg == "" {
-			msg = fmt.Sprintf("code similar to licensed code (%d%%)", percent)
-			if issue.FilePath != "" {
-				msg += " in " + issue.FilePath
-			}
-		}
-		startLine := issue.Line
-		if startLine <= 0 {
-			startLine = 1
+		if result := processLicenseSimIssue(issue, scannedFile); result != nil {
+			sarifReport.Runs[0].Results = append(sarifReport.Runs[0].Results, *result)
 		}
-		endLine := startLine
-		if endLine <= 0 {
-			endLine = startLine
-		}
-		result := Result{
-			RuleID:  ruleId,
-			Level:   "note",
-			Message: MessageText{Text: msg},
-			Locations: []Location{
-				{
-					PhysicalLocation: PhysicalLocation{
-						ArtifactLocation: ArtifactLocation{URI: scannedFile},
-						Region: Region{
-							StartLine: startLine,
-							EndLine:   endLine,
-						},
-					},
-				},
-			},
-		}
-		sarifReport.Runs[0].Results = append(sarifReport.Runs[0].Results, result)
 	}
 
 	sarifData, err := json.MarshalIndent(sarifReport, "", "  ")