Fix relative windows paths in sarif report (#178)

adangel · web-flow · commit 34a63d85c321 · 2023-03-19T10:59:39.000+01:00
Fixes #177
diff --git a/dist/index.js b/dist/index.js
diff --git a/lib/sarif.js b/lib/sarif.js
@@ -30,13 +30,19 @@ const relativizeReport = function (reportFile) {
 
     const prefix = path.normalize(`${process.env['GITHUB_WORKSPACE']}/`);
     const prefixUri = new URL(`file:///${prefix}`).href;
-    core.debug(`Relativizing sarif ${reportFile} report against ${prefix}`);
+    core.debug(`Relativizing sarif report '${reportFile}' against '${prefix}'`);
     report.runs[0].results.forEach(rule => {
         rule.locations.forEach(location => {
             const artifactLocation = location.physicalLocation.artifactLocation;
+            // note: this also converts any backslashes from Windows paths into forward slashes
+            // forward slashes are needed in the sarif report for GitHub annotations and codeql upload
             const uri = new URL(`file:///${artifactLocation.uri}`).href;
             if (uri.startsWith(prefixUri)) {
                 artifactLocation.uri = uri.substring(prefixUri.length);
+            } else {
+                // report contains already relative paths
+                // still use the uri, in order to have forward slashes
+                artifactLocation.uri = uri.substring('file:///'.length);
             }
         })
     });
diff --git a/tests/data/pmd-report-win-relativized.sarif b/tests/data/pmd-report-win-relativized.sarif
@@ -0,0 +1,68 @@
+{
+  "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
+  "version": "2.1.0",
+  "runs": [
+    {
+      "tool": {
+        "driver": {
+          "name": "PMD",
+          "version": "6.54.0",
+          "informationUri": "https://pmd.github.io/pmd/",
+          "rules": [
+            {
+              "id": "UnusedLocalVariable",
+              "shortDescription": {
+                "text": "Variable 'x' defined but not used"
+              },
+              "fullDescription": {
+                "text": "\n        Detects when a local variable is declared and/or assigned but not used.\n        Second line.\n          Third line with additional indentation.\n      Fourth line with less indentation.\n          "
+              },
+              "helpUri": "https://pmd.github.io/pmd-6.40.0/pmd_rules_apex_bestpractices.html#unusedlocalvariable",
+              "help": {
+                "text": "\nDetects when a local variable is declared and/or assigned but not used.\n        "
+              },
+              "properties": {
+                "ruleset": "Best Practices",
+                "priority": 5,
+                "tags": [
+                  "Best Practices"
+                ]
+              }
+            }
+          ]
+        }
+      },
+      "results": [
+        {
+          "ruleId": "UnusedLocalVariable",
+          "ruleIndex": 0,
+          "message": {
+            "text": "Variable 'x' defined but not used"
+          },
+          "locations": [
+            {
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "src\\classes\\UnusedLocalVariableSample.cls"
+                },
+                "region": {
+                  "startLine": 3,
+                  "startColumn": 16,
+                  "endLine": 3,
+                  "endColumn": 16
+                }
+              }
+            }
+          ]
+        }
+      ],
+      "invocations": [
+        {
+          "executionSuccessful": true,
+          "toolConfigurationNotifications": [],
+          "toolExecutionNotifications": []
+        }
+      ]
+    }
+  ]
+}
diff --git a/tests/sarif.test.js b/tests/sarif.test.js
@@ -91,6 +91,22 @@ describe('pmd-github-action-sarif', function () {
       .toBe('src/classes/UnusedLocalVariableSample.cls');
   })
 
+  test('convert backslash to forward slash for already relativized report - windows paths - issue #177', async () => {
+    const reportPath = path.join(tempPath, 'pmd-report.sarif');
+    await io.cp(path.join(__dirname, 'data', 'pmd-report-win-relativized.sarif'), reportPath);
+
+    const reportBefore = sarif.loadReport(reportPath);
+    const windowsPath = 'src\\classes\\UnusedLocalVariableSample.cls';
+    expect(reportBefore.runs[0].results[0].locations[0].physicalLocation.artifactLocation.uri).toBe(windowsPath);
+
+    process.env['GITHUB_WORKSPACE'] = 'D:\\a\\pmd-github-action-test';
+    sarif.relativizeReport(reportPath);
+    const reportAfter = sarif.loadReport(reportPath);
+    // note: not normalizing the paths to platform dependent paths - it must be a valid URI with forward slashes
+    expect(reportAfter.runs[0].results[0].locations[0].physicalLocation.artifactLocation.uri)
+      .toBe('src/classes/UnusedLocalVariableSample.cls');
+  })
+
   test('can properly relativize already relativized report', async () => {
     const reportPath = path.join(tempPath, 'pmd-report.sarif');
     await io.cp(path.join(__dirname, 'data', 'pmd-report-relativized.sarif'), reportPath);
