@fabasoad/sarif-to-slack 1.1.0 → 1.2.1
- package/.github/workflows/security.yml +10 -2
- package/.github/workflows/send-sarif-to-slack.yml +6 -1
- package/.tool-versions +1 -1
- package/dist/SarifToSlackClient.d.ts.map +1 -1
- package/dist/SarifToSlackClient.js +8 -10
- package/dist/index.cjs +158 -93
- package/dist/index.d.ts +12 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +12 -3
- package/dist/model/Color.d.ts +5 -2
- package/dist/model/Color.d.ts.map +1 -1
- package/dist/model/Color.js +26 -17
- package/dist/model/Finding.js +3 -3
- package/dist/model/FindingArray.d.ts +2 -0
- package/dist/model/FindingArray.d.ts.map +1 -0
- package/dist/model/FindingArray.js +24 -0
- package/dist/model/SendIf.d.ts +116 -0
- package/dist/model/SendIf.d.ts.map +1 -0
- package/dist/model/SendIf.js +176 -0
- package/dist/model/SlackMessage.d.ts +23 -0
- package/dist/model/SlackMessage.d.ts.map +1 -0
- package/dist/model/SlackMessage.js +99 -0
- package/dist/representations/CompactGroupByRepresentation.js +1 -1
- package/dist/representations/CompactGroupByRunPerLevelRepresentation.js +1 -1
- package/dist/representations/CompactGroupByRunPerSeverityRepresentation.js +1 -1
- package/dist/representations/CompactGroupByRunRepresentation.js +1 -1
- package/dist/representations/CompactGroupBySarifRepresentation.js +1 -1
- package/dist/representations/CompactGroupByToolNameRepresentation.js +1 -1
- package/dist/representations/CompactTotalRepresentation.js +1 -1
- package/dist/representations/Representation.js +3 -3
- package/dist/sarif-to-slack.d.ts +14 -3
- package/dist/types.d.ts +1 -130
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js +1 -117
- package/etc/sarif-to-slack.api.md +1 -0
- package/package.json +1 -1
- package/src/SarifToSlackClient.ts +8 -12
- package/src/index.ts +12 -4
- package/src/model/Color.ts +37 -25
- package/src/model/Finding.ts +3 -3
- package/src/model/{FindingsArray.ts → FindingArray.ts} +3 -3
- package/src/model/SendIf.ts +175 -0
- package/src/{SlackMessageBuilder.ts → model/SlackMessage.ts} +31 -6
- package/src/processors/CodeQLProcessor.ts +1 -1
- package/src/representations/CompactGroupByRepresentation.ts +2 -2
- package/src/representations/CompactGroupByRunPerLevelRepresentation.ts +1 -1
- package/src/representations/CompactGroupByRunPerSeverityRepresentation.ts +1 -1
- package/src/representations/CompactGroupByRunRepresentation.ts +2 -2
- package/src/representations/CompactGroupBySarifRepresentation.ts +2 -2
- package/src/representations/CompactGroupByToolNameRepresentation.ts +2 -2
- package/src/representations/CompactTotalRepresentation.ts +2 -2
- package/src/representations/Representation.ts +4 -4
- package/src/types.ts +3 -134
- package/src/utils/Comparators.ts +1 -1
- package/test-data/sarif/osv-scanner-yarn.sarif +4 -4
- package/tests/integration/SendSarifToSlack.spec.ts +21 -5
- package/dist/SlackMessageBuilder.d.ts +0 -2
- package/dist/SlackMessageBuilder.d.ts.map +0 -1
- package/dist/SlackMessageBuilder.js +0 -91
- package/dist/model/FindingsArray.d.ts +0 -2
- package/dist/model/FindingsArray.d.ts.map +0 -1
- package/dist/model/FindingsArray.js +0 -24
|
@@ -6,6 +6,14 @@ on: # yamllint disable-line rule:truthy
|
|
|
6
6
|
push:
|
|
7
7
|
branches:
|
|
8
8
|
- main
|
|
9
|
+
workflow_dispatch:
|
|
10
|
+
inputs:
|
|
11
|
+
security-type:
|
|
12
|
+
description: What Security scanning you would like to run?
|
|
13
|
+
required: false
|
|
14
|
+
default: "all"
|
|
15
|
+
type: choice
|
|
16
|
+
options: ["all", "sca", "code-scanning"]
|
|
9
17
|
|
|
10
18
|
jobs:
|
|
11
19
|
sast:
|
|
@@ -15,5 +23,5 @@ jobs:
|
|
|
15
23
|
security-events: write
|
|
16
24
|
uses: fabasoad/reusable-workflows/.github/workflows/wf-security-sast.yml@main
|
|
17
25
|
with:
|
|
18
|
-
code-scanning:
|
|
19
|
-
sca:
|
|
26
|
+
code-scanning: ${{ (inputs.security-type || 'all') == 'all' || inputs.security-type == 'code-scanning' }}
|
|
27
|
+
sca: ${{ (inputs.security-type || 'all') == 'all' || inputs.security-type == 'sca' }}
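Review bot: The `code-scanning` and `sca` expressions added under `with:` feed a reusable workflow that is referenced by branch name (`wf-security-sast.yml@main`) from a job that holds `security-events: write`, and the new `workflow_dispatch` trigger adds a second way to start it. A branch ref lets the called workflow change without any change in this repository, so the unchanged `uses:` line is worth pinning to a full commit SHA, `uses: fabasoad/reusable-workflows/.github/workflows/wf-security-sast.yml@<full-commit-sha>`. On `push` the `inputs` context is empty, so `(inputs.security-type || 'all')` selects both scans; a one-line comment above the two expressions saying so would help the next reader. The `sast` job continues outside the hunk.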
|
|
@@ -281,8 +281,13 @@ jobs:
|
|
|
281
281
|
SARIF_TO_SLACK_USERNAME: "${{ inputs.username }}"
|
|
282
282
|
SARIF_TO_SLACK_ICON_URL: "https://cdn-icons-png.flaticon.com/512/9070/9070006.png"
|
|
283
283
|
SARIF_TO_SLACK_COLOR: "${{ inputs.color }}"
|
|
284
|
-
|
|
284
|
+
SARIF_TO_SLACK_COLOR_EMPTY: "#008000"
|
|
285
|
+
SARIF_TO_SLACK_SARIF_PATH: "test-data/sarif/${{ steps.sarif-file.outputs.value }}"
|
|
286
|
+
SARIF_TO_SLACK_SARIF_PATH_RECURSIVE: "false"
|
|
287
|
+
SARIF_TO_SLACK_SARIF_FILE_EXTENSION: "sarif"
|
|
285
288
|
SARIF_TO_SLACK_LOG_LEVEL: "${{ inputs.log-level }}"
|
|
289
|
+
SARIF_TO_SLACK_LOG_TEMPLATE: "[{{logLevelName}}] [{{name}}] {{dateIsoStr}} "
|
|
290
|
+
SARIF_TO_SLACK_LOG_COLORED: "true"
|
|
286
291
|
SARIF_TO_SLACK_HEADER: "${{ inputs.header }}"
|
|
287
292
|
SARIF_TO_SLACK_FOOTER: "${{ inputs.footer }}"
|
|
288
293
|
SARIF_TO_SLACK_ACTOR: "${{ inputs.actor }}"
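Review bot: `SARIF_TO_SLACK_SARIF_PATH` is built by appending `steps.sarif-file.outputs.value` to `test-data/sarif/`, and nothing visible in this hunk restricts that output to a bare file name. The step that sets it is outside the hunk; if it is derived from a dispatch input, a value containing `../` would point the action at a file outside the fixture directory, so that step should accept only names from the known fixture list. A short comment on the line, for example `# value is a fixture file name chosen by the sarif-file step`, would record the assumption.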
|
package/.tool-versions
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
nodejs 24.
|
|
1
|
+
nodejs 24.6.0
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SarifToSlackClient.d.ts","sourceRoot":"","sources":["../src/SarifToSlackClient.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"SarifToSlackClient.d.ts","sourceRoot":"","sources":["../src/SarifToSlackClient.ts"],"names":[],"mappings":"AAGA,OAAO,EAKL,yBAAyB,EAG1B,MAAM,SAAS,CAAA;AAWhB;;;GAGG;AACH,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,QAAQ,CAAC,CAAc;IAC/B,OAAO,CAAC,WAAW,CAAC,CAAY;IAEhC,OAAO,CAAC,OAAO,CAAwB;IAEvC,OAAO;IAKP,OAAO,CAAC,MAAM,CAAE,oBAAoB;WAOhB,MAAM,CAAC,IAAI,EAAE,yBAAyB,GAAG,OAAO,CAAC,kBAAkB,CAAC;mBAQnE,UAAU;IAgC/B;;;;;;;;OAQG;mBACkB,UAAU;IAyB/B;;;;;OAKG;IACU,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAelC,OAAO,KAAK,iBAAiB,GAyD5B;CACF"}
|
|
@@ -1,14 +1,15 @@
|
|
|
1
1
|
import { promises as fs } from 'fs';
|
|
2
2
|
import Logger from './Logger';
|
|
3
|
-
import {
|
|
4
|
-
import { SecurityLevel, SecuritySeverity, SendIf } from './types';
|
|
3
|
+
import { SecurityLevel, SecuritySeverity } from './types';
|
|
5
4
|
import System from './System';
|
|
6
5
|
import { extractListOfFiles } from './utils/FileUtils';
|
|
7
6
|
import { createRepresentation } from './representations/RepresentationFactory';
|
|
8
7
|
import { createFinding } from './model/Finding';
|
|
9
8
|
import { findToolComponent, findToolComponentDriver } from './utils/SarifUtils';
|
|
10
9
|
import { identifyColor } from './model/Color';
|
|
11
|
-
import
|
|
10
|
+
import FindingArray from './model/FindingArray';
|
|
11
|
+
import { createSlackMessage } from './model/SlackMessage';
|
|
12
|
+
import { SendIf, sendIfLogMessage } from './model/SendIf';
|
|
12
13
|
/**
|
|
13
14
|
* Service to convert SARIF files to Slack messages and send them.
|
|
14
15
|
* @public
|
|
@@ -29,12 +30,9 @@ export class SarifToSlackClient {
|
|
|
29
30
|
}
|
|
30
31
|
static async create(opts) {
|
|
31
32
|
const instance = new SarifToSlackClient(opts.log);
|
|
32
|
-
Logger.trace('opts', opts);
|
|
33
33
|
instance._sendIf = opts.sendIf ?? instance._sendIf;
|
|
34
34
|
instance._sarifModel = await SarifToSlackClient.buildModel(opts.sarif);
|
|
35
|
-
Logger.trace('instance._sarifModel', instance._sarifModel);
|
|
36
35
|
instance._message = await SarifToSlackClient.initialize(instance._sarifModel, opts);
|
|
37
|
-
Logger.trace('instance._message', instance._message);
|
|
38
36
|
return instance;
|
|
39
37
|
}
|
|
40
38
|
static async buildModel(sarifOpts) {
|
|
@@ -42,7 +40,7 @@ export class SarifToSlackClient {
|
|
|
42
40
|
if (sarifFiles.length === 0) {
|
|
43
41
|
throw new Error(`No SARIF files found at the provided path: ${sarifOpts.path}`);
|
|
44
42
|
}
|
|
45
|
-
const model = { sarifFiles, runs: [], findings: new
|
|
43
|
+
const model = { sarifFiles, runs: [], findings: new FindingArray() };
|
|
46
44
|
const runIdGenerator = SarifToSlackClient.createRunIdGenerator();
|
|
47
45
|
for (const sarifPath of sarifFiles) {
|
|
48
46
|
const sarifJson = await fs.readFile(sarifPath, 'utf8');
|
|
@@ -76,7 +74,7 @@ export class SarifToSlackClient {
|
|
|
76
74
|
* @private
|
|
77
75
|
*/
|
|
78
76
|
static async initialize(sarifModel, opts) {
|
|
79
|
-
const message =
|
|
77
|
+
const message = createSlackMessage(opts.webhookUrl, {
|
|
80
78
|
username: opts.username,
|
|
81
79
|
iconUrl: opts.iconUrl,
|
|
82
80
|
color: identifyColor(sarifModel.findings, opts.color),
|
|
@@ -114,7 +112,7 @@ export class SarifToSlackClient {
|
|
|
114
112
|
Logger.info('Message sent. Status:', text);
|
|
115
113
|
}
|
|
116
114
|
else {
|
|
117
|
-
Logger.info(
|
|
115
|
+
Logger.info(sendIfLogMessage(this._sendIf));
|
|
118
116
|
}
|
|
119
117
|
}
|
|
120
118
|
get shouldSendMessage() {
|
|
@@ -175,4 +173,4 @@ export class SarifToSlackClient {
|
|
|
175
173
|
}
|
|
176
174
|
}
|
|
177
175
|
}
|
|
178
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
176
|
+
//# sourceMappingURL=data:application/json;base64,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
|
package/dist/index.cjs
CHANGED
|
@@ -66,33 +66,6 @@ var RepresentationType = /* @__PURE__ */ ((RepresentationType2) => {
|
|
|
66
66
|
RepresentationType2[RepresentationType2["CompactTotalPerSeverity"] = 7] = "CompactTotalPerSeverity";
|
|
67
67
|
return RepresentationType2;
|
|
68
68
|
})(RepresentationType || {});
|
|
69
|
-
var SendIf = /* @__PURE__ */ ((SendIf2) => {
|
|
70
|
-
SendIf2[SendIf2["SeverityCritical"] = 0] = "SeverityCritical";
|
|
71
|
-
SendIf2[SendIf2["SeverityHigh"] = 1] = "SeverityHigh";
|
|
72
|
-
SendIf2[SendIf2["SeverityHighOrHigher"] = 2] = "SeverityHighOrHigher";
|
|
73
|
-
SendIf2[SendIf2["SeverityMedium"] = 3] = "SeverityMedium";
|
|
74
|
-
SendIf2[SendIf2["SeverityMediumOrHigher"] = 4] = "SeverityMediumOrHigher";
|
|
75
|
-
SendIf2[SendIf2["SeverityLow"] = 5] = "SeverityLow";
|
|
76
|
-
SendIf2[SendIf2["SeverityLowOrHigher"] = 6] = "SeverityLowOrHigher";
|
|
77
|
-
SendIf2[SendIf2["SeverityNone"] = 7] = "SeverityNone";
|
|
78
|
-
SendIf2[SendIf2["SeverityNoneOrHigher"] = 8] = "SeverityNoneOrHigher";
|
|
79
|
-
SendIf2[SendIf2["SeverityUnknown"] = 9] = "SeverityUnknown";
|
|
80
|
-
SendIf2[SendIf2["SeverityUnknownOrHigher"] = 10] = "SeverityUnknownOrHigher";
|
|
81
|
-
SendIf2[SendIf2["LevelError"] = 11] = "LevelError";
|
|
82
|
-
SendIf2[SendIf2["LevelWarning"] = 12] = "LevelWarning";
|
|
83
|
-
SendIf2[SendIf2["LevelWarningOrHigher"] = 13] = "LevelWarningOrHigher";
|
|
84
|
-
SendIf2[SendIf2["LevelNote"] = 14] = "LevelNote";
|
|
85
|
-
SendIf2[SendIf2["LevelNoteOrHigher"] = 15] = "LevelNoteOrHigher";
|
|
86
|
-
SendIf2[SendIf2["LevelNone"] = 16] = "LevelNone";
|
|
87
|
-
SendIf2[SendIf2["LevelNoneOrHigher"] = 17] = "LevelNoneOrHigher";
|
|
88
|
-
SendIf2[SendIf2["LevelUnknown"] = 18] = "LevelUnknown";
|
|
89
|
-
SendIf2[SendIf2["LevelUnknownOrHigher"] = 19] = "LevelUnknownOrHigher";
|
|
90
|
-
SendIf2[SendIf2["Always"] = 20] = "Always";
|
|
91
|
-
SendIf2[SendIf2["Some"] = 21] = "Some";
|
|
92
|
-
SendIf2[SendIf2["Empty"] = 22] = "Empty";
|
|
93
|
-
SendIf2[SendIf2["Never"] = 23] = "Never";
|
|
94
|
-
return SendIf2;
|
|
95
|
-
})(SendIf || {});
|
|
96
69
|
var SecuritySeverity = /* @__PURE__ */ ((SecuritySeverity2) => {
|
|
97
70
|
SecuritySeverity2[SecuritySeverity2["Unknown"] = 0] = "Unknown";
|
|
98
71
|
SecuritySeverity2[SecuritySeverity2["None"] = 1] = "None";
|
|
@@ -125,7 +98,7 @@ var Color = class {
|
|
|
125
98
|
*/
|
|
126
99
|
constructor(color) {
|
|
127
100
|
this._color = this.mapColor(color);
|
|
128
|
-
this.
|
|
101
|
+
this.assertHexColor();
|
|
129
102
|
}
|
|
130
103
|
/**
|
|
131
104
|
* Returns a valid string that represents a color in hex format, or undefined.
|
|
@@ -133,7 +106,7 @@ var Color = class {
|
|
|
133
106
|
get value() {
|
|
134
107
|
return this._color;
|
|
135
108
|
}
|
|
136
|
-
|
|
109
|
+
assertHexColor() {
|
|
137
110
|
if (this._color != null) {
|
|
138
111
|
const hexColorRegex = /^#(?:[0-9A-Fa-f]{3}|[0-9A-Fa-f]{4}|[0-9A-Fa-f]{6}|[0-9A-Fa-f]{8})$/;
|
|
139
112
|
if (!hexColorRegex.test(this._color)) {
|
|
@@ -156,19 +129,16 @@ var Color = class {
|
|
|
156
129
|
}
|
|
157
130
|
}
|
|
158
131
|
};
|
|
159
|
-
function identifyColorCommon(findings, prop, none, unknown, color
|
|
132
|
+
function identifyColorCommon(findings, prop, none, unknown, color) {
|
|
160
133
|
if (color.none != null && findings.findByProperty(prop, none) != null) {
|
|
161
134
|
return color.none.value;
|
|
162
135
|
}
|
|
163
136
|
if (color.unknown != null && findings.findByProperty(prop, unknown) != null) {
|
|
164
137
|
return color.unknown.value;
|
|
165
138
|
}
|
|
166
|
-
|
|
167
|
-
return color.empty.value;
|
|
168
|
-
}
|
|
169
|
-
return defaultColor?.value;
|
|
139
|
+
return void 0;
|
|
170
140
|
}
|
|
171
|
-
function identifyColorBySeverity(findings, color
|
|
141
|
+
function identifyColorBySeverity(findings, color) {
|
|
172
142
|
if (color.critical != null && findings.findByProperty("severity", 5 /* Critical */) != null) {
|
|
173
143
|
return color.critical.value;
|
|
174
144
|
}
|
|
@@ -181,9 +151,9 @@ function identifyColorBySeverity(findings, color, defaultColor) {
|
|
|
181
151
|
if (color.low != null && findings.findByProperty("severity", 2 /* Low */) != null) {
|
|
182
152
|
return color.low.value;
|
|
183
153
|
}
|
|
184
|
-
return identifyColorCommon(findings, "severity", 1 /* None */, 0 /* Unknown */, color
|
|
154
|
+
return identifyColorCommon(findings, "severity", 1 /* None */, 0 /* Unknown */, color);
|
|
185
155
|
}
|
|
186
|
-
function identifyColorByLevel(findings, color
|
|
156
|
+
function identifyColorByLevel(findings, color) {
|
|
187
157
|
if (color.error != null && findings.findByProperty("level", 4 /* Error */) != null) {
|
|
188
158
|
return color.error.value;
|
|
189
159
|
}
|
|
@@ -193,64 +163,126 @@ function identifyColorByLevel(findings, color, defaultColor) {
|
|
|
193
163
|
if (color.note != null && findings.findByProperty("level", 2 /* Note */) != null) {
|
|
194
164
|
return color.note.value;
|
|
195
165
|
}
|
|
196
|
-
return identifyColorCommon(findings, "level", 1 /* None */, 0 /* Unknown */, color
|
|
166
|
+
return identifyColorCommon(findings, "level", 1 /* None */, 0 /* Unknown */, color);
|
|
197
167
|
}
|
|
198
168
|
function identifyColor(findings, colorOpts) {
|
|
199
|
-
if (colorOpts
|
|
200
|
-
return
|
|
201
|
-
}
|
|
202
|
-
if (colorOpts?.byLevel != null) {
|
|
203
|
-
return identifyColorByLevel(findings, colorOpts.byLevel, colorOpts.default);
|
|
169
|
+
if (!colorOpts) {
|
|
170
|
+
return void 0;
|
|
204
171
|
}
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
var import_fs2 = require("fs");
|
|
210
|
-
|
|
211
|
-
// src/Logger.ts
|
|
212
|
-
var import_tslog = require("tslog");
|
|
213
|
-
var Logger = class _Logger {
|
|
214
|
-
static DEFAULT_LOG_LEVEL = 3 /* Info */;
|
|
215
|
-
static DEFAULT_LOG_TEMPLATE = "[{{logLevelName}}] [{{name}}] {{dateIsoStr}} ";
|
|
216
|
-
static DEFAULT_LOG_COLORED = true;
|
|
217
|
-
static instance;
|
|
218
|
-
static initialize(opts) {
|
|
219
|
-
if (!_Logger.instance) {
|
|
220
|
-
_Logger.instance = new import_tslog.Logger({
|
|
221
|
-
name: "@fabasoad/sarif-to-slack",
|
|
222
|
-
minLevel: process.env.ACTIONS_STEP_DEBUG === "true" ? 0 /* Silly */ : opts?.level ?? _Logger.DEFAULT_LOG_LEVEL,
|
|
223
|
-
type: "pretty",
|
|
224
|
-
prettyLogTimeZone: "UTC",
|
|
225
|
-
prettyLogTemplate: opts?.template ?? _Logger.DEFAULT_LOG_TEMPLATE,
|
|
226
|
-
stylePrettyLogs: opts?.colored ?? _Logger.DEFAULT_LOG_COLORED
|
|
227
|
-
});
|
|
172
|
+
if (colorOpts.bySeverity) {
|
|
173
|
+
const color = identifyColorBySeverity(findings, colorOpts.bySeverity);
|
|
174
|
+
if (color !== void 0) {
|
|
175
|
+
return color;
|
|
228
176
|
}
|
|
229
177
|
}
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
178
|
+
if (colorOpts.byLevel) {
|
|
179
|
+
const color = identifyColorByLevel(findings, colorOpts.byLevel);
|
|
180
|
+
if (color !== void 0) {
|
|
181
|
+
return color;
|
|
182
|
+
}
|
|
235
183
|
}
|
|
236
|
-
|
|
237
|
-
|
|
184
|
+
if (findings.length === 0 && colorOpts.empty?.value !== void 0) {
|
|
185
|
+
return colorOpts.empty.value;
|
|
238
186
|
}
|
|
239
|
-
|
|
240
|
-
|
|
187
|
+
return colorOpts?.default?.value;
|
|
188
|
+
}
|
|
189
|
+
|
|
190
|
+
// src/model/SendIf.ts
|
|
191
|
+
var SendIf = /* @__PURE__ */ ((SendIf2) => {
|
|
192
|
+
SendIf2[SendIf2["SeverityCritical"] = 0] = "SeverityCritical";
|
|
193
|
+
SendIf2[SendIf2["SeverityHigh"] = 1] = "SeverityHigh";
|
|
194
|
+
SendIf2[SendIf2["SeverityHighOrHigher"] = 2] = "SeverityHighOrHigher";
|
|
195
|
+
SendIf2[SendIf2["SeverityMedium"] = 3] = "SeverityMedium";
|
|
196
|
+
SendIf2[SendIf2["SeverityMediumOrHigher"] = 4] = "SeverityMediumOrHigher";
|
|
197
|
+
SendIf2[SendIf2["SeverityLow"] = 5] = "SeverityLow";
|
|
198
|
+
SendIf2[SendIf2["SeverityLowOrHigher"] = 6] = "SeverityLowOrHigher";
|
|
199
|
+
SendIf2[SendIf2["SeverityNone"] = 7] = "SeverityNone";
|
|
200
|
+
SendIf2[SendIf2["SeverityNoneOrHigher"] = 8] = "SeverityNoneOrHigher";
|
|
201
|
+
SendIf2[SendIf2["SeverityUnknown"] = 9] = "SeverityUnknown";
|
|
202
|
+
SendIf2[SendIf2["SeverityUnknownOrHigher"] = 10] = "SeverityUnknownOrHigher";
|
|
203
|
+
SendIf2[SendIf2["LevelError"] = 11] = "LevelError";
|
|
204
|
+
SendIf2[SendIf2["LevelWarning"] = 12] = "LevelWarning";
|
|
205
|
+
SendIf2[SendIf2["LevelWarningOrHigher"] = 13] = "LevelWarningOrHigher";
|
|
206
|
+
SendIf2[SendIf2["LevelNote"] = 14] = "LevelNote";
|
|
207
|
+
SendIf2[SendIf2["LevelNoteOrHigher"] = 15] = "LevelNoteOrHigher";
|
|
208
|
+
SendIf2[SendIf2["LevelNone"] = 16] = "LevelNone";
|
|
209
|
+
SendIf2[SendIf2["LevelNoneOrHigher"] = 17] = "LevelNoneOrHigher";
|
|
210
|
+
SendIf2[SendIf2["LevelUnknown"] = 18] = "LevelUnknown";
|
|
211
|
+
SendIf2[SendIf2["LevelUnknownOrHigher"] = 19] = "LevelUnknownOrHigher";
|
|
212
|
+
SendIf2[SendIf2["Always"] = 20] = "Always";
|
|
213
|
+
SendIf2[SendIf2["Some"] = 21] = "Some";
|
|
214
|
+
SendIf2[SendIf2["Empty"] = 22] = "Empty";
|
|
215
|
+
SendIf2[SendIf2["Never"] = 23] = "Never";
|
|
216
|
+
return SendIf2;
|
|
217
|
+
})(SendIf || {});
|
|
218
|
+
function sendIfLogMessage(sendIf) {
|
|
219
|
+
switch (sendIf) {
|
|
220
|
+
case 0 /* SeverityCritical */:
|
|
221
|
+
return 'No message sent: no findings with "Critical" severity.';
|
|
222
|
+
case 1 /* SeverityHigh */:
|
|
223
|
+
return 'No message sent: no findings with "High" severity.';
|
|
224
|
+
case 2 /* SeverityHighOrHigher */:
|
|
225
|
+
return 'No message sent: no findings with "High" or higher severity.';
|
|
226
|
+
case 3 /* SeverityMedium */:
|
|
227
|
+
return 'No message sent: no findings with "Medium" severity.';
|
|
228
|
+
case 4 /* SeverityMediumOrHigher */:
|
|
229
|
+
return 'No message sent: no findings with "Medium" or higher severity.';
|
|
230
|
+
case 5 /* SeverityLow */:
|
|
231
|
+
return 'No message sent: no findings with "Low" severity.';
|
|
232
|
+
case 6 /* SeverityLowOrHigher */:
|
|
233
|
+
return 'No message sent: no findings with "Low" or higher severity.';
|
|
234
|
+
case 7 /* SeverityNone */:
|
|
235
|
+
return 'No message sent: no findings with "None" severity.';
|
|
236
|
+
case 8 /* SeverityNoneOrHigher */:
|
|
237
|
+
return 'No message sent: no findings with "None" or higher severity.';
|
|
238
|
+
case 9 /* SeverityUnknown */:
|
|
239
|
+
return 'No message sent: no findings with "Unknown" severity.';
|
|
240
|
+
case 10 /* SeverityUnknownOrHigher */:
|
|
241
|
+
return 'No message sent: no findings with "Unknown" or higher severity.';
|
|
242
|
+
case 11 /* LevelError */:
|
|
243
|
+
return 'No message sent: no findings with "Error" level.';
|
|
244
|
+
case 12 /* LevelWarning */:
|
|
245
|
+
return 'No message sent: no findings with "Warning" level.';
|
|
246
|
+
case 13 /* LevelWarningOrHigher */:
|
|
247
|
+
return 'No message sent: no findings with "Warning" or higher level.';
|
|
248
|
+
case 14 /* LevelNote */:
|
|
249
|
+
return 'No message sent: no findings with "Note" level.';
|
|
250
|
+
case 15 /* LevelNoteOrHigher */:
|
|
251
|
+
return 'No message sent: no findings with "Note" or higher level.';
|
|
252
|
+
case 16 /* LevelNone */:
|
|
253
|
+
return 'No message sent: no findings with "None" level.';
|
|
254
|
+
case 17 /* LevelNoneOrHigher */:
|
|
255
|
+
return 'No message sent: no findings with "None" or higher level.';
|
|
256
|
+
case 18 /* LevelUnknown */:
|
|
257
|
+
return 'No message sent: no findings with "Unknown" level.';
|
|
258
|
+
case 19 /* LevelUnknownOrHigher */:
|
|
259
|
+
return 'No message sent: no findings with "Unknown" or higher level.';
|
|
260
|
+
case 20 /* Always */:
|
|
261
|
+
return "Message always sent.";
|
|
262
|
+
case 21 /* Some */:
|
|
263
|
+
return "No message sent: findings are not found.";
|
|
264
|
+
case 22 /* Empty */:
|
|
265
|
+
return "No message sent: some findings are found.";
|
|
266
|
+
case 23 /* Never */:
|
|
267
|
+
return "No message sent: sending is disabled.";
|
|
268
|
+
default:
|
|
269
|
+
return "Unknown SendIf value.";
|
|
241
270
|
}
|
|
242
|
-
}
|
|
271
|
+
}
|
|
243
272
|
|
|
244
|
-
// src/
|
|
273
|
+
// src/model/SlackMessage.ts
|
|
245
274
|
var import_webhook = require("@slack/webhook");
|
|
246
275
|
|
|
247
276
|
// src/metadata.json
|
|
248
|
-
var version = "1.1
|
|
249
|
-
var sha = "
|
|
250
|
-
var buildAt = "2025-08-
|
|
277
|
+
var version = "1.2.1";
|
|
278
|
+
var sha = "bc366246587f5b1994f9ff015c5b9985041a05dc";
|
|
279
|
+
var buildAt = "2025-08-17T14:51:24Z";
|
|
251
280
|
|
|
252
|
-
// src/
|
|
253
|
-
|
|
281
|
+
// src/model/SlackMessage.ts
|
|
282
|
+
function createSlackMessage(url, opts) {
|
|
283
|
+
return new SlackMessageImpl(url, opts);
|
|
284
|
+
}
|
|
285
|
+
var SlackMessageImpl = class {
|
|
254
286
|
_webhook;
|
|
255
287
|
_gitHubServerUrl;
|
|
256
288
|
_color;
|
|
@@ -331,6 +363,42 @@ var SlackMessageBuilder = class {
|
|
|
331
363
|
}
|
|
332
364
|
};
|
|
333
365
|
|
|
366
|
+
// src/SarifToSlackClient.ts
|
|
367
|
+
var import_fs2 = require("fs");
|
|
368
|
+
|
|
369
|
+
// src/Logger.ts
|
|
370
|
+
var import_tslog = require("tslog");
|
|
371
|
+
var Logger = class _Logger {
|
|
372
|
+
static DEFAULT_LOG_LEVEL = 3 /* Info */;
|
|
373
|
+
static DEFAULT_LOG_TEMPLATE = "[{{logLevelName}}] [{{name}}] {{dateIsoStr}} ";
|
|
374
|
+
static DEFAULT_LOG_COLORED = true;
|
|
375
|
+
static instance;
|
|
376
|
+
static initialize(opts) {
|
|
377
|
+
if (!_Logger.instance) {
|
|
378
|
+
_Logger.instance = new import_tslog.Logger({
|
|
379
|
+
name: "@fabasoad/sarif-to-slack",
|
|
380
|
+
minLevel: process.env.ACTIONS_STEP_DEBUG === "true" ? 0 /* Silly */ : opts?.level ?? _Logger.DEFAULT_LOG_LEVEL,
|
|
381
|
+
type: "pretty",
|
|
382
|
+
prettyLogTimeZone: "UTC",
|
|
383
|
+
prettyLogTemplate: opts?.template ?? _Logger.DEFAULT_LOG_TEMPLATE,
|
|
384
|
+
stylePrettyLogs: opts?.colored ?? _Logger.DEFAULT_LOG_COLORED
|
|
385
|
+
});
|
|
386
|
+
}
|
|
387
|
+
}
|
|
388
|
+
static warn(...args) {
|
|
389
|
+
_Logger.instance.warn(...args);
|
|
390
|
+
}
|
|
391
|
+
static info(...args) {
|
|
392
|
+
_Logger.instance.info(...args);
|
|
393
|
+
}
|
|
394
|
+
static debug(...args) {
|
|
395
|
+
_Logger.instance.debug(...args);
|
|
396
|
+
}
|
|
397
|
+
static trace(...args) {
|
|
398
|
+
_Logger.instance.trace(...args);
|
|
399
|
+
}
|
|
400
|
+
};
|
|
401
|
+
|
|
334
402
|
// src/System.ts
|
|
335
403
|
var System = class {
|
|
336
404
|
static initialize() {
|
|
@@ -399,8 +467,8 @@ var ExtendedArray = class extends Array {
|
|
|
399
467
|
}
|
|
400
468
|
};
|
|
401
469
|
|
|
402
|
-
// src/model/
|
|
403
|
-
var
|
|
470
|
+
// src/model/FindingArray.ts
|
|
471
|
+
var FindingArray = class extends ExtendedArray {
|
|
404
472
|
hasSeverityOrHigher(severity) {
|
|
405
473
|
return Object.values(SecuritySeverity).filter((v) => typeof v === "number").filter((v) => v >= severity).some((v) => this.findByProperty("severity", v) != null);
|
|
406
474
|
}
|
|
@@ -417,7 +485,7 @@ var Representation = class {
|
|
|
417
485
|
this._model.findings = model.findings.map((f) => f.clone()).sort(findingsComparatorByKey(findingSortKey)).reduce((arr, f) => {
|
|
418
486
|
arr.push(f);
|
|
419
487
|
return arr;
|
|
420
|
-
}, new
|
|
488
|
+
}, new FindingArray());
|
|
421
489
|
}
|
|
422
490
|
bold(text) {
|
|
423
491
|
return `*${text}*`;
|
|
@@ -747,9 +815,9 @@ function createProcessor(run, result) {
|
|
|
747
815
|
|
|
748
816
|
// src/model/Finding.ts
|
|
749
817
|
function createFinding(opts) {
|
|
750
|
-
return new
|
|
818
|
+
return new FindingImpl(opts);
|
|
751
819
|
}
|
|
752
|
-
var
|
|
820
|
+
var FindingImpl = class {
|
|
753
821
|
_runMetadata;
|
|
754
822
|
_result;
|
|
755
823
|
_sarifPath;
|
|
@@ -847,12 +915,9 @@ var SarifToSlackClient = class _SarifToSlackClient {
|
|
|
847
915
|
}
|
|
848
916
|
static async create(opts) {
|
|
849
917
|
const instance = new _SarifToSlackClient(opts.log);
|
|
850
|
-
Logger.trace("opts", opts);
|
|
851
918
|
instance._sendIf = opts.sendIf ?? instance._sendIf;
|
|
852
919
|
instance._sarifModel = await _SarifToSlackClient.buildModel(opts.sarif);
|
|
853
|
-
Logger.trace("instance._sarifModel", instance._sarifModel);
|
|
854
920
|
instance._message = await _SarifToSlackClient.initialize(instance._sarifModel, opts);
|
|
855
|
-
Logger.trace("instance._message", instance._message);
|
|
856
921
|
return instance;
|
|
857
922
|
}
|
|
858
923
|
static async buildModel(sarifOpts) {
|
|
@@ -860,7 +925,7 @@ var SarifToSlackClient = class _SarifToSlackClient {
|
|
|
860
925
|
if (sarifFiles.length === 0) {
|
|
861
926
|
throw new Error(`No SARIF files found at the provided path: ${sarifOpts.path}`);
|
|
862
927
|
}
|
|
863
|
-
const model = { sarifFiles, runs: [], findings: new
|
|
928
|
+
const model = { sarifFiles, runs: [], findings: new FindingArray() };
|
|
864
929
|
const runIdGenerator = _SarifToSlackClient.createRunIdGenerator();
|
|
865
930
|
for (const sarifPath of sarifFiles) {
|
|
866
931
|
const sarifJson = await import_fs2.promises.readFile(sarifPath, "utf8");
|
|
@@ -896,7 +961,7 @@ var SarifToSlackClient = class _SarifToSlackClient {
|
|
|
896
961
|
* @private
|
|
897
962
|
*/
|
|
898
963
|
static async initialize(sarifModel, opts) {
|
|
899
|
-
const message =
|
|
964
|
+
const message = createSlackMessage(opts.webhookUrl, {
|
|
900
965
|
username: opts.username,
|
|
901
966
|
iconUrl: opts.iconUrl,
|
|
902
967
|
color: identifyColor(sarifModel.findings, opts.color),
|
|
@@ -933,7 +998,7 @@ var SarifToSlackClient = class _SarifToSlackClient {
|
|
|
933
998
|
const text = await this._message.send();
|
|
934
999
|
Logger.info("Message sent. Status:", text);
|
|
935
1000
|
} else {
|
|
936
|
-
Logger.info(
|
|
1001
|
+
Logger.info(sendIfLogMessage(this._sendIf));
|
|
937
1002
|
}
|
|
938
1003
|
}
|
|
939
1004
|
get shouldSendMessage() {
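Review bot: In `sendIfLogMessage` the `default:` branch returns "Unknown SendIf value.", and the only caller shown logs it with `Logger.info(...)` in the not-sent branch, so an out-of-range `opts.sendIf` appears to suppress the Slack notification with nothing louder than an info line. For a tool whose purpose is to surface scan findings, an unrecognised value should be rejected in `create` or at least logged with `Logger.warn`. The `case 20 /* Always */` text "Message always sent." also contradicts the branch it is logged from, if that case is reachable at all; `shouldSendMessage` lies outside the hunk, so this is unverified. This file is bundled output, so the change belongs in `src/model/SendIf.ts` and `src/SarifToSlackClient.ts`.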
|
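--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -21,6 +21,8 @@
 * username: 'SARIF to Slack Bot',
 * iconUrl: 'https://example.com/icon.png',
 * color: {
+* default: new Color('failure'),
+* empty: new Color('success'),
 * bySeverity: {
 * critical: new Color('#ff0000'),
 * high: new Color('#ff4500'),
@@ -28,7 +30,13 @@
 * low: new Color('#ffff00'),
 * none: new Color('#808080'),
 * unknown: new Color('#800080'),
-*
+* },
+* byLevel: {
+* error: new Color('#ff0000'),
+* warning: new Color('#ffa500'),
+* note: new Color('#ffff00'),
+* none: new Color('#808080'),
+* unknown: new Color('#800080'),
 * },
 * },
 * sarif: {
@@ -68,6 +76,8 @@
 * @packageDocumentation
 */
 export { Color, ColorOptions, ColorGroupByLevel, ColorGroupBySeverity } from './model/Color';
+export { SendIf } from './model/SendIf';
+export { SlackMessage } from './model/SlackMessage';
 export { SarifToSlackClient } from './SarifToSlackClient';
-export { FooterOptions, FooterType, IncludeAwareOptions, IncludeAwareWithValueOptions, LogLevel, LogOptions, RepresentationType, SarifFileExtension, SarifOptions, SarifToSlackClientOptions
+export { FooterOptions, FooterType, IncludeAwareOptions, IncludeAwareWithValueOptions, LogLevel, LogOptions, RepresentationType, SarifFileExtension, SarifOptions, SarifToSlackClientOptions } from './types';
 //# sourceMappingURL=index.d.ts.map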
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAEA
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAEA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4EG;AACH,OAAO,EACL,KAAK,EACL,YAAY,EACZ,iBAAiB,EACjB,oBAAoB,EACrB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,MAAM,EAAE,MAAM,gBAAgB,CAAA;AACvC,OAAO,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAA;AACnD,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AACzD,OAAO,EACL,aAAa,EACb,UAAU,EACV,mBAAmB,EACnB,4BAA4B,EAC5B,QAAQ,EACR,UAAU,EACV,kBAAkB,EAClB,kBAAkB,EAClB,YAAY,EACZ,yBAAyB,EAC1B,MAAM,SAAS,CAAA"}
|
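--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -22,6 +22,8 @@
 * username: 'SARIF to Slack Bot',
 * iconUrl: 'https://example.com/icon.png',
 * color: {
+* default: new Color('failure'),
+* empty: new Color('success'),
 * bySeverity: {
 * critical: new Color('#ff0000'),
 * high: new Color('#ff4500'),
@@ -29,7 +31,13 @@
 * low: new Color('#ffff00'),
 * none: new Color('#808080'),
 * unknown: new Color('#800080'),
-*
+* },
+* byLevel: {
+* error: new Color('#ff0000'),
+* warning: new Color('#ffa500'),
+* note: new Color('#ffff00'),
+* none: new Color('#808080'),
+* unknown: new Color('#800080'),
 * },
 * },
 * sarif: {
@@ -69,6 +77,7 @@
 * @packageDocumentation
 */
 export { Color } from './model/Color';
+export { SendIf } from './model/SendIf';
 export { SarifToSlackClient } from './SarifToSlackClient';
-export { FooterType, LogLevel, RepresentationType
-//# sourceMappingURL=data:application/json;base64,
+export { FooterType, LogLevel, RepresentationType } from './types';
+//# sourceMappingURL=data:application/json;base64,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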
package/dist/model/Color.d.ts
CHANGED
|
@@ -18,7 +18,7 @@ export declare class Color {
|
|
|
18
18
|
* Returns a valid string that represents a color in hex format, or undefined.
|
|
19
19
|
*/
|
|
20
20
|
get value(): string | undefined;
|
|
21
|
-
private
|
|
21
|
+
private assertHexColor;
|
|
22
22
|
private mapColor;
|
|
23
23
|
}
|
|
24
24
|
/**
|
|
@@ -29,7 +29,6 @@ export declare class Color {
|
|
|
29
29
|
type ColorGroupCommon = {
|
|
30
30
|
none?: Color;
|
|
31
31
|
unknown?: Color;
|
|
32
|
-
empty?: Color;
|
|
33
32
|
};
|
|
34
33
|
/**
|
|
35
34
|
* Color schema for the findings with the certain level. Color is used by the
|
|
@@ -75,6 +74,10 @@ export type ColorOptions = {
|
|
|
75
74
|
* Color scheme for the findings where certain severity is presented.
|
|
76
75
|
*/
|
|
77
76
|
bySeverity?: ColorGroupBySeverity;
|
|
77
|
+
/**
|
|
78
|
+
* Color when no findings are found.
|
|
79
|
+
*/
|
|
80
|
+
empty?: Color;
|
|
78
81
|
};
|
|
79
82
|
export {};
|
|
80
83
|
//# sourceMappingURL=Color.d.ts.map
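Review bot: Callers that still set `bySeverity.empty` or `byLevel.empty` lose their "no findings" colour without any error, because `empty?: Color` leaves `ColorGroupCommon` here and the rewritten `identifyColor` in dist/index.cjs reads only `colorOpts.empty`. TypeScript users get an excess-property error on object literals, but plain JavaScript callers get none and fall through to `default`. Since this ships in a minor release, the doc comment on the new field should name the move, for example `/** Color when no findings are found. Replaces the former byLevel.empty / bySeverity.empty. */`. Reading the old nested location as a deprecated fallback for one release would avoid the silent change. This declaration file is build output, so the edit belongs in `src/model/Color.ts`.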
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"Color.d.ts","sourceRoot":"","sources":["../../src/model/Color.ts"],"names":[],"mappings":"AAIA;;;GAGG;AACH,qBAAa,KAAK;IAChB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAQ;IAEhC;;;;;;;;OAQG;gBACgB,KAAK,CAAC,EAAE,MAAM;IAKjC;;OAEG;IACH,IAAW,KAAK,IAAI,MAAM,GAAG,SAAS,CAErC;IAED,OAAO,CAAC,
|
|
1
|
+
{"version":3,"file":"Color.d.ts","sourceRoot":"","sources":["../../src/model/Color.ts"],"names":[],"mappings":"AAIA;;;GAGG;AACH,qBAAa,KAAK;IAChB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAQ;IAEhC;;;;;;;;OAQG;gBACgB,KAAK,CAAC,EAAE,MAAM;IAKjC;;OAEG;IACH,IAAW,KAAK,IAAI,MAAM,GAAG,SAAS,CAErC;IAED,OAAO,CAAC,cAAc;IAUtB,OAAO,CAAC,QAAQ;CAcjB;AAED;;;;GAIG;AACH,KAAK,gBAAgB,GAAG;IACtB,IAAI,CAAC,EAAE,KAAK,CAAC;IACb,OAAO,CAAC,EAAE,KAAK,CAAC;CACjB,CAAA;AAED;;;;;;GAMG;AACH,MAAM,MAAM,iBAAiB,GAAG,gBAAgB,GAAG;IACjD,KAAK,CAAC,EAAE,KAAK,CAAC;IACd,OAAO,CAAC,EAAE,KAAK,CAAC;IAChB,IAAI,CAAC,EAAE,KAAK,CAAC;CACd,CAAA;AAED;;;;;;GAMG;AACH,MAAM,MAAM,oBAAoB,GAAG,gBAAgB,GAAG;IACpD,QAAQ,CAAC,EAAE,KAAK,CAAC;IACjB,IAAI,CAAC,EAAE,KAAK,CAAC;IACb,MAAM,CAAC,EAAE,KAAK,CAAC;IACf,GAAG,CAAC,EAAE,KAAK,CAAC;CACb,CAAA;AAED;;;;;GAKG;AACH,MAAM,MAAM,YAAY,GAAG;IACzB;;OAEG;IACH,OAAO,CAAC,EAAE,KAAK,CAAC;IAChB;;OAEG;IACH,OAAO,CAAC,EAAE,iBAAiB,CAAC;IAC5B;;OAEG;IACH,UAAU,CAAC,EAAE,oBAAoB,CAAC;IAClC;;OAEG;IACH,KAAK,CAAC,EAAE,KAAK,CAAC;CACf,CAAA"}
|