@fabasoad/sarif-to-slack 0.1.1 → 0.2.1

package/etc/sarif-to-slack.api.md

@@ -7,12 +7,36 @@
 import type { Log } from 'sarif';
 
 // @public
-export type IncludeAwareProps = {
+export enum CalculateResultsBy {
+    Level = 0,
+    Severity = 1
+}
+
+// @public
+export type FooterOptions = IncludeAwareWithValueOptions & {
+    type?: FooterType;
+};
+
+// @public
+export enum FooterType {
+    Markdown = "mrkdwn",
+    PlainText = "plain_text"
+}
+
+// @public
+export enum GroupResultsBy {
+    Run = 1,
+    ToolName = 0,
+    Total = 2
+}
+
+// @public
+export type IncludeAwareOptions = {
     include: boolean;
 };
 
 // @public
-export type IncludeAwareWithValueProps = IncludeAwareProps & {
+export type IncludeAwareWithValueOptions = IncludeAwareOptions & {
     value?: string;
 };
 
@@ -28,7 +52,20 @@ export enum LogLevel {
 }
 
 // @public
-export type Sarif = Log;
+export type LogOptions = {
+    level?: LogLevel;
+    template?: string;
+    colored?: boolean;
+};
+
+// @public
+export type SarifLog = Log;
+
+// @public
+export type SarifToSlackOutput = {
+    groupBy: GroupResultsBy;
+    calculateBy: CalculateResultsBy;
+};
 
 // @public
 export class SarifToSlackService {
@@ -45,16 +82,17 @@ export type SarifToSlackServiceOptions = {
     username?: string;
     iconUrl?: string;
     color?: string;
-    logLevel?: LogLevel | string;
-    header?: IncludeAwareWithValueProps;
-    footer?: IncludeAwareWithValueProps;
-    actor?: IncludeAwareWithValueProps;
-    run?: IncludeAwareProps;
+    log?: LogOptions;
+    header?: IncludeAwareWithValueOptions;
+    footer?: FooterOptions;
+    actor?: IncludeAwareWithValueOptions;
+    run?: IncludeAwareOptions;
+    output?: SarifToSlackOutput;
 };
 
 // @public
 export interface SlackMessage {
-    sarif: Sarif;
+    sarif: SarifLog;
     send: () => Promise<string>;
 }
 

package/jest.config.json

@@ -10,10 +10,10 @@
   ],
   "coverageThreshold": {
     "global": {
-      "branches": 20,
-      "functions": 15,
-      "lines": 25,
-      "statements": 25
+      "branches": 15,
+      "functions": 10,
+      "lines": 15,
+      "statements": 15
     }
   },
   "moduleFileExtensions": [

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fabasoad/sarif-to-slack",
-  "version": "0.1.1",
+  "version": "0.2.1",
   "description": "TypeScript library to send results of SARIF file to Slack webhook URL.",
   "main": "dist/index.js",
   "module": "dist/index.js",
@@ -8,12 +8,15 @@
   "private": false,
   "scripts": {
     "lint": "biome lint --write src",
-    "test": "jest --config=jest.config.json --json --outputFile=jest-report.json --coverage",
+    "test": "jest --config=jest.config.json --json --outputFile=jest-report.json --coverage --testNamePattern=unit",
+    "test:integration": "jest --config=jest.config.json --testNamePattern=integration",
     "clean": "rm -rf coverage && rm -rf temp",
     "clean:unsafe": "rm -f package-lock.json && rm -rf node_modules && rm -rf dist && rm -rf lib",
     "tsc": "tsc",
-    "build": "tsc && api-extractor run --local --verbose",
+    "prebuild": "./scripts/save-version.sh",
+    "build": "npm run tsc && api-extractor run --local --verbose",
     "prepublishOnly": "npm run build",
+    "preinstall": "./scripts/save-version.sh",
     "version:patch": "npm version patch --commit-hooks --git-tag-version --message 'chore: bump to version %s'",
     "version:minor": "npm version minor --commit-hooks --git-tag-version --message 'chore: bump to version %s'",
     "version:major": "npm version major --commit-hooks --git-tag-version --message 'chore: bump to version %s'",
@@ -33,24 +36,25 @@
   "author": "Yevhen Fabizhevskyi",
   "license": "MIT",
   "bugs": {
-    "url": "https://github.com/fabasoad/sarif-to-slack-action/issues"
+    "url": "https://github.com/fabasoad/sarif-to-slack/issues"
   },
   "publishConfig": {
     "access": "public"
   },
-  "homepage": "https://github.com/fabasoad/sarif-to-slack-action#readme",
+  "homepage": "https://github.com/fabasoad/sarif-to-slack#readme",
   "dependencies": {
     "@slack/webhook": "7.0.5",
     "@types/sarif": "2.1.7",
+    "immutable": "5.1.3",
     "tslog": "4.9.3"
   },
   "devDependencies": {
-    "@biomejs/biome": "1.9.4",
-    "@microsoft/api-documenter": "7.26.29",
-    "@microsoft/api-extractor": "7.52.8",
+    "@biomejs/biome": "2.1.2",
+    "@microsoft/api-documenter": "7.26.30",
+    "@microsoft/api-extractor": "7.52.9",
     "@types/jest": "30.0.0",
-    "jest": "30.0.3",
-    "jest-circus": "30.0.3",
+    "jest": "30.0.5",
+    "jest-circus": "30.0.5",
     "ts-jest": "29.4.0",
     "typescript": "5.8.3"
   }

package/scripts/save-version.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env sh
+
+version=$(jq -r '.version' package.json)
+echo "// This file is autogenerated by scripts/save-version.sh" > src/version.ts
+echo "// Do not edit it manually!" >> src/version.ts
+echo "export const LIB_VERSION = '${version}'" >> src/version.ts

package/src/Logger.ts

@@ -1,34 +1,39 @@
-import { Logger as TSLogger, ILogObj } from 'tslog'
-import { LogLevel } from './types'
-
-/**
- * Logger options for configuring the logging behavior.
- * @internal
- */
-export type LoggerOptions = {
-  logLevel?: LogLevel
-}
+import { ILogObj, Logger as TSLogger } from 'tslog'
+import { LogLevel, LogOptions } from './types'
 
 /**
  * Logger class for managing logging operations.
  * @internal
  */
 export default class Logger {
-  private static instance: TSLogger<ILogObj> = new TSLogger();
+  private static DEFAULT_LOG_LEVEL: LogLevel = LogLevel.Info
+  private static DEFAULT_LOG_TEMPLATE: string = '[{{logLevelName}}] [{{name}}] {{dateIsoStr}} '
+  private static DEFAULT_LOG_COLORED: boolean = true
+
+  private static instance: TSLogger<ILogObj>
 
-  public static initialize({ logLevel = LogLevel.Info }: LoggerOptions): void {
+  public static initialize(opts?: LogOptions): void {
     if (!Logger.instance) {
       Logger.instance = new TSLogger({
-        minLevel: process.env.ACTIONS_STEP_DEBUG === 'true' ? 0 : logLevel,
+        name: '@fabasoad/sarif-to-slack',
+        minLevel: process.env.ACTIONS_STEP_DEBUG === 'true' ? LogLevel.Silly : (opts?.level ?? Logger.DEFAULT_LOG_LEVEL),
+        type: 'pretty',
+        prettyLogTimeZone: 'UTC',
+        prettyLogTemplate: opts?.template ?? Logger.DEFAULT_LOG_TEMPLATE,
+        stylePrettyLogs: opts?.colored ?? Logger.DEFAULT_LOG_COLORED,
       })
     }
   }
 
-  public static info(...args: string[]): void {
-    Logger.instance.info(args)
+  public static warn(...args: unknown[]): void {
+    Logger.instance.warn(...args)
+  }
+
+  public static info(...args: unknown[]): void {
+    Logger.instance.info(...args)
   }
 
-  public static debug(...args: string[]): void {
-    Logger.instance.debug(args)
+  public static debug(...args: unknown[]): void {
+    Logger.instance.debug(...args)
   }
 }

package/src/Processors.ts

@@ -27,7 +27,7 @@ export function processColor(color?: string): string | undefined {
       Logger.info(`Converting "${color}" to #808080`)
       return '#808080'
     default:
-      Logger.debug(`"${color}" color is not a CI status identifier. Returning as is...`)
+      Logger.debug(`"${color}" color is not a CI status identifier. Returning as is.`)
       return color
   }
 }
@@ -39,28 +39,28 @@ export function processColor(color?: string): string | undefined {
  * @throws Error If the input string does not match any known log level.
  * @internal
  */
-export function processLogLevel(logLevel?: LogLevel | string): LogLevel | undefined {
-  if (typeof logLevel === 'string') {
-    switch (logLevel.toLowerCase()) {
-      case 'silly':
-        return 0
-      case 'trace':
-        return 1
-      case 'debug':
-        return 2
-      case 'info':
-        return 3
-      case 'warning':
-        return 4
-      case 'error':
-        return 5
-      case 'fatal':
-        return 6
-      default:
-        throw new Error(`Unknown log level: ${logLevel}`)
-    }
+export function processLogLevel(logLevel?: string): LogLevel | undefined {
+  if (!logLevel) {
+    return undefined
+  }
+  switch (logLevel.toLowerCase()) {
+    case 'silly':
+      return LogLevel.Silly
+    case 'trace':
+      return LogLevel.Trace
+    case 'debug':
+      return LogLevel.Debug
+    case 'info':
+      return LogLevel.Info
+    case 'warning':
+      return LogLevel.Warning
+    case 'error':
+      return LogLevel.Error
+    case 'fatal':
+      return LogLevel.Fatal
+    default:
+      throw new Error(`Unknown log level: ${logLevel}`)
   }
-  return logLevel
 }
 
 /**

package/src/SarifToSlackService.ts

@@ -1,9 +1,9 @@
 import { promises as fs } from 'fs';
 import Logger from './Logger'
-import { processColor, processLogLevel, processSarifPath } from './Processors'
+import { processColor, processSarifPath } from './Processors'
 import { SlackMessageBuilder } from './SlackMessageBuilder'
 import {
-  Sarif,
+  SarifLog,
   SarifToSlackServiceOptions,
   SlackMessage
 } from './types'
@@ -22,13 +22,14 @@ async function initialize(opts: SarifToSlackServiceOptions): Promise<Map<string,
       username: opts.username,
       iconUrl: opts.iconUrl,
       color: processColor(opts.color),
-      sarif: JSON.parse(jsonString) as Sarif
+      sarif: JSON.parse(jsonString) as SarifLog,
+      output: opts.output,
     })
     if (opts.header?.include) {
       messageBuilder.withHeader(opts.header?.value)
     }
     if (opts.footer?.include) {
-      messageBuilder.withFooter(opts.footer?.value)
+      messageBuilder.withFooter(opts.footer?.value, opts.footer?.type)
     }
     if (opts.actor?.include) {
       messageBuilder.withActor(opts.actor?.value)
@@ -69,9 +70,7 @@ export class SarifToSlackService {
    * @public
    */
   public static async create(opts: SarifToSlackServiceOptions): Promise<SarifToSlackService> {
-    Logger.initialize({
-      logLevel: processLogLevel(opts.logLevel)
-    })
+    Logger.initialize(opts.log)
     const instance: SarifToSlackService = new SarifToSlackService()
     const map: Map<string, SlackMessage> = await initialize(opts)
     map.forEach((val: SlackMessage, key: string) => instance._slackMessages.set(key, val))

package/src/SlackMessageBuilder.ts

@@ -1,8 +1,22 @@
 import { AnyBlock } from '@slack/types'
-import { HeaderBlock, ContextBlock } from '@slack/types/dist/block-kit/blocks'
+import { ContextBlock, HeaderBlock } from '@slack/types/dist/block-kit/blocks'
+import { TextObject } from '@slack/types/dist/block-kit/composition-objects'
 import { IncomingWebhook } from '@slack/webhook'
-import type { Run, Result, ReportingDescriptor } from 'sarif'
-import { Sarif, SlackMessage } from './types'
+import { Map as ImmutableMap } from 'immutable'
+import {
+  CalculateResultsBy,
+  FooterType,
+  GroupResultsBy,
+  SarifLog,
+  SarifToSlackOutput,
+  SlackMessage
+} from './types'
+import { LIB_VERSION } from './version'
+import {
+  DataGroupedByRun,
+  SarifModelPerSarif
+} from './model/SarifModelPerSarif';
+import { SecurityLevel, SecuritySeverity } from './model/types';
 
 /**
  * Options for the SlackMessageBuilder.
@@ -12,11 +26,10 @@ export type SlackMessageBuilderOptions = {
   username?: string
   iconUrl?: string
   color?: string
-  sarif: Sarif
+  sarif: SarifLog,
+  output?: SarifToSlackOutput,
 }
 
-type RuleData = { id?: string, index?: number }
-
 /**
  * Class for building and sending Slack messages based on SARIF logs.
  * @internal
@@ -25,22 +38,29 @@ export class SlackMessageBuilder implements SlackMessage {
   private readonly webhook: IncomingWebhook
   private readonly gitHubServerUrl: string
   private readonly color?: string
-
+  private readonly sarifModelPerSarif: SarifModelPerSarif
+  private readonly output: SarifToSlackOutput
   private header?: HeaderBlock
+
   private footer?: ContextBlock
   private actor?: string
   private runId?: string
 
-  public readonly sarif: Sarif
+  public readonly sarif: SarifLog
 
   constructor(url: string, opts: SlackMessageBuilderOptions) {
     this.webhook = new IncomingWebhook(url, {
       username: opts.username || 'SARIF results',
       icon_url: opts.iconUrl
     })
+    this.gitHubServerUrl = process.env.GITHUB_SERVER_URL || 'https://github.com'
     this.color = opts.color
     this.sarif = opts.sarif
-    this.gitHubServerUrl = process.env.GITHUB_SERVER_URL || 'https://github.com'
+    this.sarifModelPerSarif = new SarifModelPerSarif(opts.sarif)
+    this.output = opts.output || {
+      groupBy: GroupResultsBy.ToolName,
+      calculateBy: CalculateResultsBy.Level
+    }
   }
 
   withHeader(header?: string): void {
@@ -61,14 +81,14 @@ export class SlackMessageBuilder implements SlackMessage {
     this.runId = process.env.GITHUB_RUN_ID
   }
 
-  withFooter(footer?: string): void {
-    const repoName = 'fabasoad/sarif-to-slack-action'
+  withFooter(text?: string, type?: FooterType): void {
+    const repoName = 'fabasoad/sarif-to-slack'
+    const element: TextObject = text
+      ? { type: type || FooterType.PlainText, text }
+      : { type: FooterType.Markdown, text: `Generated by <${this.gitHubServerUrl}/${repoName}|@${repoName}@${LIB_VERSION}>` }
     this.footer = {
       type: 'context',
-      elements: [{
-        type: footer ? 'plain_text' : 'mrkdwn',
-        text: footer || `Generated by <${this.gitHubServerUrl}/${repoName}|${repoName}>`
-      }],
+      elements: [element],
     }
   }
 
@@ -109,68 +129,65 @@ export class SlackMessageBuilder implements SlackMessage {
       }
       text.push(runText)
     }
-    return text.join('\n')
+    return text.join('\n\n')
   }
 
-  private composeRunSummary(toolName: string, map: Map<string, number>): string {
-    const levelsText: string[] = []
-    for (const [level, count] of map.entries()) {
-      const levelCapitalized = level.charAt(0).toUpperCase() + level.slice(1)
-      levelsText.push(`*${levelCapitalized}*: ${count}`)
+  private composeSummaryWith(
+    map: ImmutableMap<SecurityLevel | SecuritySeverity, number>,
+    resultProcessor: (result: string) => string = (result: string): string => result,
+  ): string {
+    const stats = new Array<string>()
+    for (const [key, count] of map.entries()) {
+      stats.push(`*${key}*: ${count}`)
     }
-    return `*${toolName}*\n${levelsText.join(', ')}`
+    return resultProcessor(
+      stats.length == 0 ? 'No issues found' : stats.join(', ')
+    )
   }
 
   private composeSummary(): string {
-    const data = new Map<string, Map<string, number>>()
-    for (const run of this.sarif.runs) {
-      const toolName = run.tool.driver.name
-      if (!data.has(toolName)) {
-        data.set(toolName, new Map<string, number>())
-      }
-      const results: Result[] = run.results ?? []
-      for (const result of results) {
-        const level: string = this.tryGetLevel(run, result)
-        const count: number = data.get(toolName)?.get(level) || 0
-        data.get(toolName)?.set(level, count + 1)
-      }
-    }
-    const summaries: string[] = []
-    for (const [toolName, map] of data.entries()) {
-      summaries.push(this.composeRunSummary(toolName, map))
-    }
-    return summaries.join('\n')
-  }
-
-  private tryGetLevel(run: Run, result: Result): string {
-    if (result.level) {
-      return result.level
-    }
-
-    const ruleData: RuleData = {}
-
-    if (result.rule) {
-      if (result.rule?.index) {
-        ruleData.index = result.rule.index
+    const summaries = new Array<string>()
+    switch (this.output.groupBy) {
+      case GroupResultsBy.ToolName: {
+        const dataGroupedByToolName: Map<string, ImmutableMap<SecurityLevel | SecuritySeverity, number>> =
+          this.output.calculateBy === CalculateResultsBy.Level
+            ? this.sarifModelPerSarif.groupByToolNameWithSecurityLevel()
+            : this.sarifModelPerSarif.groupByToolNameWithSecuritySeverity()
+        for (const [toolName, map] of dataGroupedByToolName.entries()) {
+          summaries.push(this.composeSummaryWith(
+            map,
+            (result: string): string => `*${toolName}*\n${result}`
+          ))
+        }
+        break
       }
-      if (result.rule?.id) {
-        ruleData.id = result.rule.id
+      case GroupResultsBy.Run: {
+        const dataGroupedByRun: Array<DataGroupedByRun<SecurityLevel | SecuritySeverity>> =
+          this.output.calculateBy === CalculateResultsBy.Level
+            ? this.sarifModelPerSarif.groupByRunWithSecurityLevel()
+            : this.sarifModelPerSarif.groupByRunWithSecuritySeverity()
+        for (let i = 0; i < dataGroupedByRun.length; i++) {
+          const { data, toolName } = dataGroupedByRun[i]
+          summaries.push(this.composeSummaryWith(
+            data,
+            (result: string): string => `_[Run ${i + 1}]_: *${toolName}*\n${result}`
+          ))
+        }
+        break
       }
-    }
-
-    if (!ruleData.index && result.ruleIndex) {
-      ruleData.index = result.ruleIndex
-    }
-
-    if (ruleData.index
-      && run.tool.driver?.rules
-      && ruleData.index < run.tool.driver.rules.length) {
-      const rule: ReportingDescriptor = run.tool.driver.rules[ruleData.index]
-      if (rule.properties && 'problem.severity' in rule.properties) {
-        return rule.properties['problem.severity'] as string
+      default: {
+        const dataTotal: ImmutableMap<SecurityLevel | SecuritySeverity, number> =
+          this.output.calculateBy === CalculateResultsBy.Level
+            ? this.sarifModelPerSarif.groupByTotalWithSecurityLevel()
+            : this.sarifModelPerSarif.groupByTotalWithSecuritySeverity()
+        const toolNames: Set<string> = this.sarifModelPerSarif.listToolNames()
+        summaries.push(this.composeSummaryWith(
+          dataTotal,
+          (result: string): string => `*${Array.from(toolNames).join('*, *')}*\n${result}`
+        ))
+        break
       }
     }
-
-    return 'unknown'
+    return summaries.join('\n\n')
   }
 }

package/src/index.ts

@@ -9,12 +9,16 @@
  *
  * @example
  * ```typescript
- * import { SarifToSlackService } from 'sarif-to-slack';
+ * import { SarifToSlackService, FooterType } from '@fabasoad/sarif-to-slack';
  *
- * const service = new SarifToSlackService({
+ * const service = await SarifToSlackService.create({
  *   webhookUrl: 'https://hooks.slack.com/services/your/webhook/url',
  *   sarifPath: 'path/to/your/sarif/file.sarif',
- *   logLevel: 'info',
+ *   log: {
+ *     level: 'info',
+ *     template: '[{{logLevelName}}] [{{name}}] {{dateIsoStr}} ',
+ *     colored: false,
+ *   },
  *   username: 'SARIF Bot',
  *   iconUrl: 'https://example.com/icon.png',
  *   color: '#36a64f',
@@ -24,6 +28,7 @@
  *   },
  *   footer: {
  *     include: true,
+ *     type: FooterType.PLAIN_TEXT,
  *     value: 'Generated by @fabasoad/sarif-to-slack'
  *   },
  *   actor: {
@@ -43,10 +48,16 @@
  */
 export { SarifToSlackService } from './SarifToSlackService'
 export {
-  IncludeAwareProps,
-  IncludeAwareWithValueProps,
+  CalculateResultsBy,
+  FooterOptions,
+  FooterType,
+  GroupResultsBy,
+  IncludeAwareOptions,
+  IncludeAwareWithValueOptions,
   LogLevel,
-  Sarif,
+  LogOptions,
+  SarifLog,
+  SarifToSlackOutput,
   SarifToSlackServiceOptions,
   SlackMessage,
 } from './types'