@fabasoad/sarif-to-slack 0.2.0 → 0.2.1

package/dist/types.d.ts

@@ -3,7 +3,7 @@ import type { Log } from 'sarif';
  * Type representing a SARIF log.
  * @public
  */
-export type Sarif = Log;
+export type SarifLog = Log;
 /**
  * Interface for a Slack message that can be sent.
  * @public
@@ -17,7 +17,7 @@ export interface SlackMessage {
     /**
      * The SARIF log associated with this Slack message.
      */
-    sarif: Sarif;
+    sarif: SarifLog;
 }
 /**
  * Enum representing log levels for the service.
@@ -25,7 +25,8 @@ export interface SlackMessage {
  */
 export declare enum LogLevel {
     /**
-     * Represents the most verbose logging level, typically used for detailed debugging information.
+     * Represents the most verbose logging level, typically used for detailed
+     * debugging information.
      */
     Silly = 0,
     /**
@@ -33,23 +34,28 @@ export declare enum LogLevel {
      */
     Trace = 1,
     /**
-     * Represents a logging level for debugging information that is less verbose than silly.
+     * Represents a logging level for debugging information that is less verbose
+     * than silly.
      */
     Debug = 2,
     /**
-     * Represents a logging level for general informational messages that highlight the progress of the application.
+     * Represents a logging level for general informational messages that highlight
+     * the progress of the application.
      */
     Info = 3,
     /**
-     * Represents a logging level for potentially harmful situations that require attention.
+     * Represents a logging level for potentially harmful situations that require
+     * attention.
      */
     Warning = 4,
     /**
-     * Represents a logging level for error conditions that do not require immediate action but should be noted.
+     * Represents a logging level for error conditions that do not require immediate
+     * action but should be noted.
      */
     Error = 5,
     /**
-     * Represents a logging level for critical errors that require immediate attention and may cause the application to terminate.
+     * Represents a logging level for critical errors that require immediate attention
+     * and may cause the application to terminate.
      */
     Fatal = 6
 }
@@ -74,8 +80,15 @@ export type IncludeAwareWithValueOptions = IncludeAwareOptions & {
  * @public
  */
 export declare enum FooterType {
-    PLAIN_TEXT = "plain_text",
-    MARKDOWN = "mrkdwn"
+    /**
+     * Represents a plain text footer. Text is not formatted and appears as-is.
+     */
+    PlainText = "plain_text",
+    /**
+     * Represents a footer with Markdown formatting. Text can include formatting
+     * such as bold, italics, and links.
+     */
+    Markdown = "mrkdwn"
 }
 /**
  * Options for the footer of a Slack message. "type" is ignored if "value" is
@@ -85,6 +98,68 @@ export declare enum FooterType {
 export type FooterOptions = IncludeAwareWithValueOptions & {
     type?: FooterType;
 };
+/**
+ * Enum representing how to group results.
+ * @public
+ */
+export declare enum GroupResultsBy {
+    /**
+     * Groups results by the tool name. Particularly, groups by the runs[].tool.driver.name
+     * property from the SARIF file(s).
+     */
+    ToolName = 0,
+    /**
+     * Groups results by the run. It provides the result from each run individually.
+     */
+    Run = 1,
+    /**
+     * Does not group results. It provides the result from all the runs from all
+     * the provided SARIF files.
+     */
+    Total = 2
+}
+/**
+ * Enum representing how to calculate results.
+ * @public
+ */
+export declare enum CalculateResultsBy {
+    /**
+     * Calculates results by the security level of the findings: Error, Warning,
+     * Note and Unknown. At first, it tries to get the security level from runs[].results[].level
+     * property. If it is not defined, it tries to get the security level from the
+     * respective rule of each result, using the rules[].properties['problem.severity']
+     * property.
+     */
+    Level = 0,
+    /**
+     * Calculates results by the security severity of the findings: Critical, High,
+     * Medium, Low, None and Unknown. it tries to get the security severity from the
+     * respective rule of each result, using the rules[].properties['security-severity']
+     * property. This property contains CVSS score, which is then mapped to the
+     * security severity value.
+     */
+    Severity = 1
+}
+/**
+ * Options for how to output the results in the Slack message.
+ * @public
+ */
+export type SarifToSlackOutput = {
+    groupBy: GroupResultsBy;
+    calculateBy: CalculateResultsBy;
+};
+/**
+ * Options for logging.
+ * @public
+ */
+export type LogOptions = {
+    level?: LogLevel;
+    /**
+     * More details here: https://github.com/fullstack-build/tslog?tab=readme-ov-file#pretty-templates-and-styles-color-settings
+     */
+    template?: string;
+    colored?: boolean;
+};
 /**
  * Options for the SarifToSlackService.
  * @public
@@ -95,10 +170,11 @@ export type SarifToSlackServiceOptions = {
     username?: string;
     iconUrl?: string;
     color?: string;
-    logLevel?: LogLevel | string;
+    log?: LogOptions;
     header?: IncludeAwareWithValueOptions;
     footer?: FooterOptions;
     actor?: IncludeAwareWithValueOptions;
     run?: IncludeAwareOptions;
+    output?: SarifToSlackOutput;
 };
 //# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAEhC;;;GAGG;AACH,MAAM,MAAM,KAAK,GAAG,GAAG,CAAA;AAEvB;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B;;;OAGG;IACH,IAAI,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAA;IAC3B;;OAEG;IACH,KAAK,EAAE,KAAK,CAAA;CACb;AAED;;;GAGG;AACH,oBAAY,QAAQ;IAClB;;OAEG;IACH,KAAK,IAAI;IACT;;OAEG;IACH,KAAK,IAAI;IACT;;OAEG;IACH,KAAK,IAAI;IACT;;OAEG;IACH,IAAI,IAAI;IACR;;OAEG;IACH,OAAO,IAAI;IACX;;OAEG;IACH,KAAK,IAAI;IACT;;OAEG;IACH,KAAK,IAAI;CACV;AAED;;;;GAIG;AACH,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,OAAO,CAAA;CACjB,CAAA;AAED;;;;GAIG;AACH,MAAM,MAAM,4BAA4B,GAAG,mBAAmB,GAAG;IAC/D,KAAK,CAAC,EAAE,MAAM,CAAA;CACf,CAAA;AAED;;;GAGG;AACH,oBAAY,UAAU;IACpB,UAAU,eAAe;IACzB,QAAQ,WAAW;CACpB;AAED;;;;GAIG;AACH,MAAM,MAAM,aAAa,GAAG,4BAA4B,GAAG;IACzD,IAAI,CAAC,EAAE,UAAU,CAAA;CAClB,CAAA;AAED;;;GAGG;AACH,MAAM,MAAM,0BAA0B,GAAG;IAEvC,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,QAAQ,GAAG,MAAM,CAAC;IAC7B,MAAM,CAAC,EAAE,4BAA4B,CAAC;IACtC,MAAM,CAAC,EAAE,aAAa,CAAC;IACvB,KAAK,CAAC,EAAE,4BAA4B,CAAC;IACrC,GAAG,CAAC,EAAE,mBAAmB,CAAC;CAC3B,CAAA"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,OAAO,CAAA;AAEhC;;;GAGG;AACH,MAAM,MAAM,QAAQ,GAAG,GAAG,CAAA;AAE1B;;;GAGG;AACH,MAAM,WAAW,YAAY;IAC3B;;;OAGG;IACH,IAAI,EAAE,MAAM,OAAO,CAAC,MAAM,CAAC,CAAA;IAC3B;;OAEG;IACH,KAAK,EAAE,QAAQ,CAAA;CAChB;AAED;;;GAGG;AACH,oBAAY,QAAQ;IAClB;;;OAGG;IACH,KAAK,IAAI;IACT;;OAEG;IACH,KAAK,IAAI;IACT;;;OAGG;IACH,KAAK,IAAI;IACT;;;OAGG;IACH,IAAI,IAAI;IACR;;;OAGG;IACH,OAAO,IAAI;IACX;;;OAGG;IACH,KAAK,IAAI;IACT;;;OAGG;IACH,KAAK,IAAI;CACV;AAED;;;;GAIG;AACH,MAAM,MAAM,mBAAmB,GAAG;IAChC,OAAO,EAAE,OAAO,CAAA;CACjB,CAAA;AAED;;;;GAIG;AACH,MAAM,MAAM,4BAA4B,GAAG,mBAAmB,GAAG;IAC/D,KAAK,CAAC,EAAE,MAAM,CAAA;CACf,CAAA;AAED;;;GAGG;AACH,oBAAY,UAAU;IACpB;;OAEG;IACH,SAAS,eAAe;IACxB;;;OAGG;IACH,QAAQ,WAAW;CACpB;AAED;;;;GAIG;AACH,MAAM,MAAM,aAAa,GAAG,4BAA4B,GAAG;IACzD,IAAI,CAAC,EAAE,UAAU,CAAA;CAClB,CAAA;AAED;;;GAGG;AACH,oBAAY,cAAc;IACxB;;;OAGG;IACH,QAAQ,IAAI;IACZ;;OAEG;IACH,GAAG,IAAI;IACP;;;OAGG;IACH,KAAK,IAAI;CACV;AAED;;;GAGG;AACH,oBAAY,kBAAkB;IAC5B;;;;;;OAMG;IACH,KAAK,IAAI;IACT;;;;;;OAMG;IACH,QAAQ,IAAI;CACb;AAED;;;GAGG;AACH,MAAM,MAAM,kBAAkB,GAAG;IAC/B,OAAO,EAAE,cAAc,CAAC;IACxB,WAAW,EAAE,kBAAkB,CAAC;CACjC,CAAA;AAED;;;GAGG;AACH,MAAM,MAAM,UAAU,GAAG;IACvB,KAAK,CAAC,EAAE,QAAQ,CAAC;IACjB;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB,CAAA;AAED;;;GAGG;AACH,MAAM,MAAM,0BAA0B,GAAG;IAEvC,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,UAAU,CAAC;IACjB,MAAM,CAAC,EAAE,4BAA4B,CAAC;IACtC,MAAM,CAAC,EAAE,aAAa,CAAC;IACvB,KAAK,CAAC,EAAE,4BAA4B,CAAC;IACrC,GAAG,CAAC,EAAE,mBAAmB,CAAC;IAC1B,MAAM,CAAC,EAAE,kBAAkB,CAAC;CAC7B,CAAA"}

package/dist/types.js

@@ -5,7 +5,8 @@
 export var LogLevel;
 (function (LogLevel) {
     /**
-     * Represents the most verbose logging level, typically used for detailed debugging information.
+     * Represents the most verbose logging level, typically used for detailed
+     * debugging information.
      */
     LogLevel[LogLevel["Silly"] = 0] = "Silly";
     /**
@@ -13,23 +14,28 @@ export var LogLevel;
      */
     LogLevel[LogLevel["Trace"] = 1] = "Trace";
     /**
-     * Represents a logging level for debugging information that is less verbose than silly.
+     * Represents a logging level for debugging information that is less verbose
+     * than silly.
      */
     LogLevel[LogLevel["Debug"] = 2] = "Debug";
     /**
-     * Represents a logging level for general informational messages that highlight the progress of the application.
+     * Represents a logging level for general informational messages that highlight
+     * the progress of the application.
      */
     LogLevel[LogLevel["Info"] = 3] = "Info";
     /**
-     * Represents a logging level for potentially harmful situations that require attention.
+     * Represents a logging level for potentially harmful situations that require
+     * attention.
      */
     LogLevel[LogLevel["Warning"] = 4] = "Warning";
     /**
-     * Represents a logging level for error conditions that do not require immediate action but should be noted.
+     * Represents a logging level for error conditions that do not require immediate
+     * action but should be noted.
      */
     LogLevel[LogLevel["Error"] = 5] = "Error";
     /**
-     * Represents a logging level for critical errors that require immediate attention and may cause the application to terminate.
+     * Represents a logging level for critical errors that require immediate attention
+     * and may cause the application to terminate.
      */
     LogLevel[LogLevel["Fatal"] = 6] = "Fatal";
 })(LogLevel || (LogLevel = {}));
@@ -39,7 +45,58 @@ export var LogLevel;
  */
 export var FooterType;
 (function (FooterType) {
-    FooterType["PLAIN_TEXT"] = "plain_text";
-    FooterType["MARKDOWN"] = "mrkdwn";
+    /**
+     * Represents a plain text footer. Text is not formatted and appears as-is.
+     */
+    FooterType["PlainText"] = "plain_text";
+    /**
+     * Represents a footer with Markdown formatting. Text can include formatting
+     * such as bold, italics, and links.
+     */
+    FooterType["Markdown"] = "mrkdwn";
 })(FooterType || (FooterType = {}));
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvdHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBd0JBOzs7R0FHRztBQUNILE1BQU0sQ0FBTixJQUFZLFFBNkJYO0FBN0JELFdBQVksUUFBUTtJQUNsQjs7T0FFRztJQUNILHlDQUFTLENBQUE7SUFDVDs7T0FFRztJQUNILHlDQUFTLENBQUE7SUFDVDs7T0FFRztJQUNILHlDQUFTLENBQUE7SUFDVDs7T0FFRztJQUNILHVDQUFRLENBQUE7SUFDUjs7T0FFRztJQUNILDZDQUFXLENBQUE7SUFDWDs7T0FFRztJQUNILHlDQUFTLENBQUE7SUFDVDs7T0FFRztJQUNILHlDQUFTLENBQUE7QUFDWCxDQUFDLEVBN0JXLFFBQVEsS0FBUixRQUFRLFFBNkJuQjtBQW9CRDs7O0dBR0c7QUFDSCxNQUFNLENBQU4sSUFBWSxVQUdYO0FBSEQsV0FBWSxVQUFVO0lBQ3BCLHVDQUF5QixDQUFBO0lBQ3pCLGlDQUFtQixDQUFBO0FBQ3JCLENBQUMsRUFIVyxVQUFVLEtBQVYsVUFBVSxRQUdyQiJ9
+/**
+ * Enum representing how to group results.
+ * @public
+ */
+export var GroupResultsBy;
+(function (GroupResultsBy) {
+    /**
+     * Groups results by the tool name. Particularly, groups by the runs[].tool.driver.name
+     * property from the SARIF file(s).
+     */
+    GroupResultsBy[GroupResultsBy["ToolName"] = 0] = "ToolName";
+    /**
+     * Groups results by the run. It provides the result from each run individually.
+     */
+    GroupResultsBy[GroupResultsBy["Run"] = 1] = "Run";
+    /**
+     * Does not group results. It provides the result from all the runs from all
+     * the provided SARIF files.
+     */
+    GroupResultsBy[GroupResultsBy["Total"] = 2] = "Total";
+})(GroupResultsBy || (GroupResultsBy = {}));
+/**
+ * Enum representing how to calculate results.
+ * @public
+ */
+export var CalculateResultsBy;
+(function (CalculateResultsBy) {
+    /**
+     * Calculates results by the security level of the findings: Error, Warning,
+     * Note and Unknown. At first, it tries to get the security level from runs[].results[].level
+     * property. If it is not defined, it tries to get the security level from the
+     * respective rule of each result, using the rules[].properties['problem.severity']
+     * property.
+     */
+    CalculateResultsBy[CalculateResultsBy["Level"] = 0] = "Level";
+    /**
+     * Calculates results by the security severity of the findings: Critical, High,
+     * Medium, Low, None and Unknown. it tries to get the security severity from the
+     * respective rule of each result, using the rules[].properties['security-severity']
+     * property. This property contains CVSS score, which is then mapped to the
+     * security severity value.
+     */
+    CalculateResultsBy[CalculateResultsBy["Severity"] = 1] = "Severity";
+})(CalculateResultsBy || (CalculateResultsBy = {}));
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvdHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBd0JBOzs7R0FHRztBQUNILE1BQU0sQ0FBTixJQUFZLFFBbUNYO0FBbkNELFdBQVksUUFBUTtJQUNsQjs7O09BR0c7SUFDSCx5Q0FBUyxDQUFBO0lBQ1Q7O09BRUc7SUFDSCx5Q0FBUyxDQUFBO0lBQ1Q7OztPQUdHO0lBQ0gseUNBQVMsQ0FBQTtJQUNUOzs7T0FHRztJQUNILHVDQUFRLENBQUE7SUFDUjs7O09BR0c7SUFDSCw2Q0FBVyxDQUFBO0lBQ1g7OztPQUdHO0lBQ0gseUNBQVMsQ0FBQTtJQUNUOzs7T0FHRztJQUNILHlDQUFTLENBQUE7QUFDWCxDQUFDLEVBbkNXLFFBQVEsS0FBUixRQUFRLFFBbUNuQjtBQW9CRDs7O0dBR0c7QUFDSCxNQUFNLENBQU4sSUFBWSxVQVVYO0FBVkQsV0FBWSxVQUFVO0lBQ3BCOztPQUVHO0lBQ0gsc0NBQXdCLENBQUE7SUFDeEI7OztPQUdHO0lBQ0gsaUNBQW1CLENBQUE7QUFDckIsQ0FBQyxFQVZXLFVBQVUsS0FBVixVQUFVLFFBVXJCO0FBV0Q7OztHQUdHO0FBQ0gsTUFBTSxDQUFOLElBQVksY0FlWDtBQWZELFdBQVksY0FBYztJQUN4Qjs7O09BR0c7SUFDSCwyREFBWSxDQUFBO0lBQ1o7O09BRUc7SUFDSCxpREFBTyxDQUFBO0lBQ1A7OztPQUdHO0lBQ0gscURBQVMsQ0FBQTtBQUNYLENBQUMsRUFmVyxjQUFjLEtBQWQsY0FBYyxRQWV6QjtBQUVEOzs7R0FHRztBQUNILE1BQU0sQ0FBTixJQUFZLGtCQWlCWDtBQWpCRCxXQUFZLGtCQUFrQjtJQUM1Qjs7Ozs7O09BTUc7SUFDSCw2REFBUyxDQUFBO0lBQ1Q7Ozs7OztPQU1HO0lBQ0gsbUVBQVksQ0FBQTtBQUNkLENBQUMsRUFqQlcsa0JBQWtCLEtBQWxCLGtCQUFrQixRQWlCN0IifQ==

package/dist/utils/SarifUtils.d.ts

@@ -0,0 +1,5 @@
+import type { ReportingDescriptor, Result, Run } from "sarif";
+export declare function findRuleByResult(run: Run, result: Result): ReportingDescriptor | undefined;
+export type RuleProperty = 'security-severity' | 'problem.severity';
+export declare function tryGetRulePropertyByResult<T>(run: Run, result: Result, propertyName: RuleProperty): T | undefined;
+//# sourceMappingURL=SarifUtils.d.ts.map

package/dist/utils/SarifUtils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SarifUtils.d.ts","sourceRoot":"","sources":["../../src/utils/SarifUtils.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,OAAO,CAAC;AAE9D,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,GAAG,mBAAmB,GAAG,SAAS,CA8B1F;AAED,MAAM,MAAM,YAAY,GAAG,mBAAmB,GAAG,kBAAkB,CAAA;AAEnE,wBAAgB,0BAA0B,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,YAAY,GAAG,CAAC,GAAG,SAAS,CAOjH"}

package/dist/utils/SarifUtils.js

@@ -0,0 +1,32 @@
+export function findRuleByResult(run, result) {
+    const ruleData = {};
+    if (result.rule) {
+        if (result.rule?.index) {
+            ruleData.index = result.rule.index;
+        }
+        if (result.rule?.id) {
+            ruleData.id = result.rule.id;
+        }
+    }
+    if (!ruleData.index && result.ruleIndex) {
+        ruleData.index = result.ruleIndex;
+    }
+    if (ruleData.index
+        && run.tool.driver?.rules
+        && ruleData.index < run.tool.driver.rules.length) {
+        return run.tool.driver.rules[ruleData.index];
+    }
+    // If failed to find rule by index then try to find by ruleId
+    if (result.ruleId && run.tool.driver?.rules) {
+        return run.tool.driver.rules.find((r) => r.id === result.ruleId);
+    }
+    return undefined;
+}
+export function tryGetRulePropertyByResult(run, result, propertyName) {
+    const rule = findRuleByResult(run, result);
+    if (rule && rule.properties && propertyName in rule.properties) {
+        return rule.properties[propertyName];
+    }
+    return undefined;
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiU2FyaWZVdGlscy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy91dGlscy9TYXJpZlV0aWxzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUVBLE1BQU0sVUFBVSxnQkFBZ0IsQ0FBQyxHQUFRLEVBQUUsTUFBYztJQUN2RCxNQUFNLFFBQVEsR0FBb0MsRUFBRSxDQUFBO0lBRXBELElBQUksTUFBTSxDQUFDLElBQUksRUFBRSxDQUFDO1FBQ2hCLElBQUksTUFBTSxDQUFDLElBQUksRUFBRSxLQUFLLEVBQUUsQ0FBQztZQUN2QixRQUFRLENBQUMsS0FBSyxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFBO1FBQ3BDLENBQUM7UUFDRCxJQUFJLE1BQU0sQ0FBQyxJQUFJLEVBQUUsRUFBRSxFQUFFLENBQUM7WUFDcEIsUUFBUSxDQUFDLEVBQUUsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQTtRQUM5QixDQUFDO0lBQ0gsQ0FBQztJQUVELElBQUksQ0FBQyxRQUFRLENBQUMsS0FBSyxJQUFJLE1BQU0sQ0FBQyxTQUFTLEVBQUUsQ0FBQztRQUN4QyxRQUFRLENBQUMsS0FBSyxHQUFHLE1BQU0sQ0FBQyxTQUFTLENBQUE7SUFDbkMsQ0FBQztJQUVELElBQUksUUFBUSxDQUFDLEtBQUs7V0FDYixHQUFHLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxLQUFLO1dBQ3RCLFFBQVEsQ0FBQyxLQUFLLEdBQUcsR0FBRyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBQ25ELE9BQU8sR0FBRyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSyxDQUFDLFFBQVEsQ0FBQyxLQUFLLENBQUMsQ0FBQTtJQUM5QyxDQUFDO0lBRUQsNkRBQTZEO0lBQzdELElBQUksTUFBTSxDQUFDLE1BQU0sSUFBSSxHQUFHLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxLQUFLLEVBQUUsQ0FBQztRQUM1QyxPQUFPLEdBQUcsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQy9CLENBQUMsQ0FBc0IsRUFBVyxFQUFFLENBQUMsQ0FBQyxDQUFDLEVBQUUsS0FBSyxNQUFNLENBQUMsTUFBTSxDQUM1RCxDQUFBO0lBQ0gsQ0FBQztJQUVELE9BQU8sU0FBUyxDQUFBO0FBQ2xCLENBQUM7QUFJRCxNQUFNLFVBQVUsMEJBQTBCLENBQUksR0FBUSxFQUFFLE1BQWMsRUFBRSxZQUEwQjtJQUNoRyxNQUFNLElBQUksR0FBb0MsZ0JBQWdCLENBQUMsR0FBRyxFQUFFLE1BQU0sQ0FBQyxDQUFBO0lBQzNFLElBQUksSUFBSSxJQUFJLElBQUksQ0FBQyxVQUFVLElBQUksWUFBWSxJQUFJLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztRQUMvRCxPQUFPLElBQUksQ0FBQyxVQUFVLENBQUMsWUFBWSxDQUFNLENBQUE7SUFDM0MsQ0FBQztJQUVELE9BQU8sU0FBUyxDQUFBO0FBQ2xCLENBQUMifQ==

package/dist/utils/SortUtils.d.ts

@@ -0,0 +1,5 @@
+import { Map as ImmutableMap } from 'immutable';
+import { SecurityLevel, SecuritySeverity } from '../model/types';
+export declare function sortSecurityLevelMap(map: ImmutableMap<SecurityLevel, number>): ImmutableMap<SecurityLevel, number>;
+export declare function sortSecuritySeverityMap(map: ImmutableMap<SecuritySeverity, number>): ImmutableMap<SecuritySeverity, number>;
+//# sourceMappingURL=SortUtils.d.ts.map

package/dist/utils/SortUtils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SortUtils.d.ts","sourceRoot":"","sources":["../../src/utils/SortUtils.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,GAAG,IAAI,YAAY,EAAE,MAAM,WAAW,CAAA;AAC/C,OAAO,EACL,aAAa,EAEb,gBAAgB,EAEjB,MAAM,gBAAgB,CAAA;AAEvB,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,YAAY,CAAC,aAAa,EAAE,MAAM,CAAC,GAAG,YAAY,CAAC,aAAa,EAAE,MAAM,CAAC,CAKlH;AAED,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,YAAY,CAAC,gBAAgB,EAAE,MAAM,CAAC,GAAG,YAAY,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAK3H"}

package/dist/utils/SortUtils.js

@@ -0,0 +1,8 @@
+import { SecurityLevelOrder, SecuritySeverityOrder } from '../model/types';
+export function sortSecurityLevelMap(map) {
+    return map.sortBy((_, level) => level, (a, b) => SecurityLevelOrder.indexOf(a) - SecurityLevelOrder.indexOf(b)).asImmutable();
+}
+export function sortSecuritySeverityMap(map) {
+    return map.sortBy((_, severity) => severity, (a, b) => SecuritySeverityOrder.indexOf(a) - SecuritySeverityOrder.indexOf(b)).asImmutable();
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiU29ydFV0aWxzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3V0aWxzL1NvcnRVdGlscy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFDQSxPQUFPLEVBRUwsa0JBQWtCLEVBRWxCLHFCQUFxQixFQUN0QixNQUFNLGdCQUFnQixDQUFBO0FBRXZCLE1BQU0sVUFBVSxvQkFBb0IsQ0FBQyxHQUF3QztJQUMzRSxPQUFPLEdBQUcsQ0FBQyxNQUFNLENBQ2YsQ0FBQyxDQUFTLEVBQUUsS0FBb0IsRUFBaUIsRUFBRSxDQUFDLEtBQUssRUFDekQsQ0FBQyxDQUFnQixFQUFFLENBQWdCLEVBQVUsRUFBRSxDQUFDLGtCQUFrQixDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsR0FBRyxrQkFBa0IsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQzlHLENBQUMsV0FBVyxFQUFFLENBQUE7QUFDakIsQ0FBQztBQUVELE1BQU0sVUFBVSx1QkFBdUIsQ0FBQyxHQUEyQztJQUNqRixPQUFPLEdBQUcsQ0FBQyxNQUFNLENBQ2YsQ0FBQyxDQUFTLEVBQUUsUUFBMEIsRUFBb0IsRUFBRSxDQUFDLFFBQVEsRUFDckUsQ0FBQyxDQUFtQixFQUFFLENBQW1CLEVBQVUsRUFBRSxDQUFDLHFCQUFxQixDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsR0FBRyxxQkFBcUIsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQzFILENBQUMsV0FBVyxFQUFFLENBQUE7QUFDakIsQ0FBQyJ9

package/dist/version.d.ts

@@ -1,2 +1,2 @@
-export declare const LIB_VERSION = "0.2.0";
+export declare const LIB_VERSION = "0.2.1";
 //# sourceMappingURL=version.d.ts.map

package/dist/version.js

@@ -1,4 +1,4 @@
 // This file is autogenerated by scripts/save-version.sh
 // Do not edit it manually!
-export const LIB_VERSION = '0.2.0';
+export const LIB_VERSION = '0.2.1';
 //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidmVyc2lvbi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3NyYy92ZXJzaW9uLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLHdEQUF3RDtBQUN4RCwyQkFBMkI7QUFDM0IsTUFBTSxDQUFDLE1BQU0sV0FBVyxHQUFHLE9BQU8sQ0FBQSJ9

package/etc/sarif-to-slack.api.md

@@ -6,6 +6,12 @@
 
 import type { Log } from 'sarif';
 
+// @public
+export enum CalculateResultsBy {
+    Level = 0,
+    Severity = 1
+}
+
 // @public
 export type FooterOptions = IncludeAwareWithValueOptions & {
     type?: FooterType;
@@ -13,10 +19,15 @@ export type FooterOptions = IncludeAwareWithValueOptions & {
 
 // @public
 export enum FooterType {
-    // (undocumented)
-    MARKDOWN = "mrkdwn",
-    // (undocumented)
-    PLAIN_TEXT = "plain_text"
+    Markdown = "mrkdwn",
+    PlainText = "plain_text"
+}
+
+// @public
+export enum GroupResultsBy {
+    Run = 1,
+    ToolName = 0,
+    Total = 2
 }
 
 // @public
@@ -41,7 +52,20 @@ export enum LogLevel {
 }
 
 // @public
-export type Sarif = Log;
+export type LogOptions = {
+    level?: LogLevel;
+    template?: string;
+    colored?: boolean;
+};
+
+// @public
+export type SarifLog = Log;
+
+// @public
+export type SarifToSlackOutput = {
+    groupBy: GroupResultsBy;
+    calculateBy: CalculateResultsBy;
+};
 
 // @public
 export class SarifToSlackService {
@@ -58,16 +82,17 @@ export type SarifToSlackServiceOptions = {
     username?: string;
     iconUrl?: string;
     color?: string;
-    logLevel?: LogLevel | string;
+    log?: LogOptions;
     header?: IncludeAwareWithValueOptions;
     footer?: FooterOptions;
     actor?: IncludeAwareWithValueOptions;
     run?: IncludeAwareOptions;
+    output?: SarifToSlackOutput;
 };
 
 // @public
 export interface SlackMessage {
-    sarif: Sarif;
+    sarif: SarifLog;
     send: () => Promise<string>;
 }
 

package/jest.config.json

@@ -10,10 +10,10 @@
   ],
   "coverageThreshold": {
     "global": {
-      "branches": 20,
-      "functions": 15,
-      "lines": 20,
-      "statements": 20
+      "branches": 15,
+      "functions": 10,
+      "lines": 15,
+      "statements": 15
     }
   },
   "moduleFileExtensions": [

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fabasoad/sarif-to-slack",
-  "version": "0.2.0",
+  "version": "0.2.1",
   "description": "TypeScript library to send results of SARIF file to Slack webhook URL.",
   "main": "dist/index.js",
   "module": "dist/index.js",
@@ -8,7 +8,8 @@
   "private": false,
   "scripts": {
     "lint": "biome lint --write src",
-    "test": "jest --config=jest.config.json --json --outputFile=jest-report.json --coverage",
+    "test": "jest --config=jest.config.json --json --outputFile=jest-report.json --coverage --testNamePattern=unit",
+    "test:integration": "jest --config=jest.config.json --testNamePattern=integration",
     "clean": "rm -rf coverage && rm -rf temp",
     "clean:unsafe": "rm -f package-lock.json && rm -rf node_modules && rm -rf dist && rm -rf lib",
     "tsc": "tsc",
@@ -44,15 +45,16 @@
   "dependencies": {
     "@slack/webhook": "7.0.5",
     "@types/sarif": "2.1.7",
+    "immutable": "5.1.3",
     "tslog": "4.9.3"
   },
   "devDependencies": {
-    "@biomejs/biome": "2.0.6",
-    "@microsoft/api-documenter": "7.26.29",
-    "@microsoft/api-extractor": "7.52.8",
+    "@biomejs/biome": "2.1.2",
+    "@microsoft/api-documenter": "7.26.30",
+    "@microsoft/api-extractor": "7.52.9",
     "@types/jest": "30.0.0",
-    "jest": "30.0.3",
-    "jest-circus": "30.0.3",
+    "jest": "30.0.5",
+    "jest-circus": "30.0.5",
     "ts-jest": "29.4.0",
     "typescript": "5.8.3"
   }

package/src/Logger.ts

@@ -1,36 +1,39 @@
-import { Logger as TSLogger, ILogObj } from 'tslog'
-import { LogLevel } from './types'
-
-/**
- * Logger options for configuring the logging behavior.
- * @internal
- */
-export type LoggerOptions = {
-  logLevel?: LogLevel
-}
+import { ILogObj, Logger as TSLogger } from 'tslog'
+import { LogLevel, LogOptions } from './types'
 
 /**
  * Logger class for managing logging operations.
  * @internal
  */
 export default class Logger {
-  private static instance: TSLogger<ILogObj> = new TSLogger();
+  private static DEFAULT_LOG_LEVEL: LogLevel = LogLevel.Info
+  private static DEFAULT_LOG_TEMPLATE: string = '[{{logLevelName}}] [{{name}}] {{dateIsoStr}} '
+  private static DEFAULT_LOG_COLORED: boolean = true
+
+  private static instance: TSLogger<ILogObj>
 
-  public static initialize({ logLevel = LogLevel.Info }: LoggerOptions): void {
+  public static initialize(opts?: LogOptions): void {
     if (!Logger.instance) {
       Logger.instance = new TSLogger({
-        minLevel: process.env.ACTIONS_STEP_DEBUG === 'true' ? 0 : logLevel,
+        name: '@fabasoad/sarif-to-slack',
+        minLevel: process.env.ACTIONS_STEP_DEBUG === 'true' ? LogLevel.Silly : (opts?.level ?? Logger.DEFAULT_LOG_LEVEL),
         type: 'pretty',
         prettyLogTimeZone: 'UTC',
+        prettyLogTemplate: opts?.template ?? Logger.DEFAULT_LOG_TEMPLATE,
+        stylePrettyLogs: opts?.colored ?? Logger.DEFAULT_LOG_COLORED,
       })
     }
   }
 
-  public static info(...args: string[]): void {
-    Logger.instance.info(args)
+  public static warn(...args: unknown[]): void {
+    Logger.instance.warn(...args)
+  }
+
+  public static info(...args: unknown[]): void {
+    Logger.instance.info(...args)
   }
 
-  public static debug(...args: string[]): void {
-    Logger.instance.debug(args)
+  public static debug(...args: unknown[]): void {
+    Logger.instance.debug(...args)
   }
 }

package/src/Processors.ts

@@ -27,7 +27,7 @@ export function processColor(color?: string): string | undefined {
       Logger.info(`Converting "${color}" to #808080`)
       return '#808080'
     default:
-      Logger.debug(`"${color}" color is not a CI status identifier. Returning as is...`)
+      Logger.debug(`"${color}" color is not a CI status identifier. Returning as is.`)
       return color
   }
 }
@@ -39,28 +39,28 @@ export function processColor(color?: string): string | undefined {
  * @throws Error If the input string does not match any known log level.
  * @internal
  */
-export function processLogLevel(logLevel?: LogLevel | string): LogLevel | undefined {
-  if (typeof logLevel === 'string') {
-    switch (logLevel.toLowerCase()) {
-      case 'silly':
-        return 0
-      case 'trace':
-        return 1
-      case 'debug':
-        return 2
-      case 'info':
-        return 3
-      case 'warning':
-        return 4
-      case 'error':
-        return 5
-      case 'fatal':
-        return 6
-      default:
-        throw new Error(`Unknown log level: ${logLevel}`)
-    }
+export function processLogLevel(logLevel?: string): LogLevel | undefined {
+  if (!logLevel) {
+    return undefined
+  }
+  switch (logLevel.toLowerCase()) {
+    case 'silly':
+      return LogLevel.Silly
+    case 'trace':
+      return LogLevel.Trace
+    case 'debug':
+      return LogLevel.Debug
+    case 'info':
+      return LogLevel.Info
+    case 'warning':
+      return LogLevel.Warning
+    case 'error':
+      return LogLevel.Error
+    case 'fatal':
+      return LogLevel.Fatal
+    default:
+      throw new Error(`Unknown log level: ${logLevel}`)
   }
-  return logLevel
 }
 
 /**

package/src/SarifToSlackService.ts

@@ -1,9 +1,9 @@
 import { promises as fs } from 'fs';
 import Logger from './Logger'
-import { processColor, processLogLevel, processSarifPath } from './Processors'
+import { processColor, processSarifPath } from './Processors'
 import { SlackMessageBuilder } from './SlackMessageBuilder'
 import {
-  Sarif,
+  SarifLog,
   SarifToSlackServiceOptions,
   SlackMessage
 } from './types'
@@ -22,7 +22,8 @@ async function initialize(opts: SarifToSlackServiceOptions): Promise<Map<string,
       username: opts.username,
       iconUrl: opts.iconUrl,
       color: processColor(opts.color),
-      sarif: JSON.parse(jsonString) as Sarif
+      sarif: JSON.parse(jsonString) as SarifLog,
+      output: opts.output,
     })
     if (opts.header?.include) {
       messageBuilder.withHeader(opts.header?.value)
@@ -69,9 +70,7 @@ export class SarifToSlackService {
    * @public
    */
   public static async create(opts: SarifToSlackServiceOptions): Promise<SarifToSlackService> {
-    Logger.initialize({
-      logLevel: processLogLevel(opts.logLevel)
-    })
+    Logger.initialize(opts.log)
     const instance: SarifToSlackService = new SarifToSlackService()
     const map: Map<string, SlackMessage> = await initialize(opts)
     map.forEach((val: SlackMessage, key: string) => instance._slackMessages.set(key, val))