fix: Add path param validation

andrzej-janczak · andrzej-janczak · commit c25c315b3b3a · 2025-06-13T10:55:21.000+02:00
- Added a new function to validate the existence of provided paths before analysis.
- Updated the analyze command's short and long descriptions for clarity.
- Improved error logging when failing to retrieve the current working directory.
- Enhanced SARIF output merging to handle empty files and invalid JSON more gracefully.
diff --git a/cmd/analyze.go b/cmd/analyze.go
@@ -369,15 +369,33 @@ func runTool(workDirectory string, toolName string, pathsToCheck []string, outpu
 	return runToolByName(toolName, workDirectory, pathsToCheck, autoFix, outputFile, outputFormat, tool, runtime)
 }
 
+// validatePaths checks if all provided paths exist and returns an error if any don't
+func validatePaths(paths []string) error {
+	for _, path := range paths {
+		if _, err := os.Stat(path); os.IsNotExist(err) {
+			return fmt.Errorf("❌ Error: cannot find file or directory '%s'", path)
+		}
+	}
+	return nil
+}
+
 var analyzeCmd = &cobra.Command{
 	Use:   "analyze",
-	Short: "Runs all configured linters.",
-	Long:  "Runs all configured tools for code analysis. Use --tool flag to run a specific tool.",
+	Short: "Analyze code using configured tools",
+	Long:  `Analyze code using configured tools and output results in the specified format.`,
 	Run: func(cmd *cobra.Command, args []string) {
+		// Validate paths before proceeding
+		if err := validatePaths(args); err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+
+		// Get current working directory
 		workDirectory, err := os.Getwd()
 		if err != nil {
-			log.Fatal(err)
+			log.Fatalf("Failed to get current working directory: %v", err)
 		}
+
 		var toolsToRun map[string]*plugins.ToolInfo
 
 		if toolsToAnalyzeParam != "" {
diff --git a/utils/sarif.go b/utils/sarif.go
@@ -204,9 +204,26 @@ func MergeSarifOutputs(inputFiles []string, outputFile string) error {
 			return fmt.Errorf("failed to read SARIF file %s: %w", file, err)
 		}
 
+		// Skip empty files
+		if len(data) == 0 {
+			continue
+		}
+
 		var sarif SimpleSarifReport
 		if err := json.Unmarshal(data, &sarif); err != nil {
-			return fmt.Errorf("failed to parse SARIF file %s: %w", file, err)
+			// If file is empty or invalid JSON, create an empty SARIF report - extra protection from invalid files
+			emptySarif := SimpleSarifReport{
+				Version: "2.1.0",
+				Schema:  "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
+				Runs:    []json.RawMessage{},
+			}
+			emptyData, err := json.Marshal(emptySarif)
+			if err != nil {
+				return fmt.Errorf("failed to create empty SARIF report: %w", err)
+			}
+			if err := json.Unmarshal(emptyData, &sarif); err != nil {
+				return fmt.Errorf("failed to parse empty SARIF report: %w", err)
+			}
 		}
 
 		mergedSarif.Runs = append(mergedSarif.Runs, sarif.Runs...)
