@fabasoad/sarif-to-slack 1.3.0 → 1.3.2

package/src/representations/table/Column.ts

@@ -0,0 +1,39 @@
+import type Cell from './Cell'
+import Logger from '../../Logger'
+
+export default class Column {
+  private readonly _logger: Logger = new Logger('Column');
+  private readonly _cells: Cell[];
+
+  public constructor(
+    public readonly header: string,
+    cellsCount: number,
+  ) {
+    this._cells = new Array<Cell>(cellsCount)
+  }
+
+  public get total(): number {
+    return this._cells
+      .reduce((sum: number, c: Cell): number => {
+        sum += Number(c.value)
+        return sum
+      }, 0)
+  }
+
+  public get width(): number {
+    return Math.max(
+      ...this._cells.map((c: Cell): number => c.getWidth()),
+      this.total.toString().length
+    )
+  }
+
+  public setCell(index: number, value: Cell): void {
+    if (index >= 0 && index < this._cells.length) {
+      this._cells[index] = value
+      const width: number = this.width
+      this._cells.forEach((c: Cell): void => c.setWidth(width))
+    } else {
+      this._logger.warn(`Cell index out of range. Requested index: ${index}. Cells count: ${this._cells.length}.`)
+    }
+  }
+}

package/src/representations/table/Row.ts

@@ -0,0 +1,50 @@
+import Cell from './Cell'
+import Logger from '../../Logger'
+
+export default class Row {
+  private readonly _logger = new Logger('Row');
+  private readonly _cells: Cell[];
+  private _totalWidth: number;
+
+  public constructor(
+    private readonly _header: string,
+    public readonly headerWidth: number,
+    cellsCount: number,
+  ) {
+    this._cells = Array.from({ length: cellsCount }, (): Cell => new Cell())
+    this._totalWidth = 1
+  }
+
+  public get total(): number {
+    return this._cells
+      .reduce((sum: number, c: Cell): number => {
+        sum += Number(c.value)
+        return sum
+      }, 0)
+  }
+
+  public setCell(index: number, value: Cell): void {
+    if (index >= 0 && index < this._cells.length) {
+      this._cells[index] = value
+    } else {
+      this._logger.warn(`Setting cell failed. Reason: index out of range. Requested index: ${index}. Cells count: ${this._cells.length}.`)
+    }
+  }
+
+  public get totalWidth(): number {
+    return this._totalWidth
+  }
+
+  public setTotalWidth(value: number): void {
+    this._totalWidth = value
+  }
+
+  public toString(): string {
+    const result: string[] = []
+    result.push(`${this._header}${this.headerWidth > this._header.length ? ' '.repeat(this.headerWidth - this._header.length) : ''}`)
+    this._cells.map((c: Cell): string => c.toString()).forEach((v: string): number => result.push(v))
+    const totalStr: string = this.total.toString();
+    result.push(`${totalStr}${this._totalWidth > totalStr.length ? ' '.repeat(this._totalWidth - totalStr.length) : ''}`)
+    return `|${result.join('|')}|`
+  }
+}

package/src/representations/table/Table.ts

@@ -0,0 +1,93 @@
+import Column from './Column'
+import Row from './Row'
+import Cell from './Cell'
+
+const HEADER_TOTAL: string = 'Total'
+
+export type TableHeaders = {
+  main?: string,
+  rows: string[],
+  columns: string[],
+}
+
+export default class Table {
+  private readonly header: string
+  private readonly columns: Column[]
+  private readonly rows: Row[]
+
+  public constructor(
+    headers: TableHeaders,
+  ) {
+    this.header = headers.main ?? ''
+    this.columns = Array.from(
+      { length: headers.columns.length },
+      (_: unknown, index: number): Column => new Column(headers.columns[index], headers.rows.length)
+    )
+    const headerWidth: number = Math.max(
+      this.header.length,
+      ...headers.rows.map((v: string): number => v.length),
+      HEADER_TOTAL.length,
+    )
+    this.rows = Array.from(
+      { length: headers.rows.length },
+      (_: unknown, index: number): Row => new Row(headers.rows[index], headerWidth, headers.columns.length)
+    )
+  }
+
+  public set(rowIndex: number, columnIndex: number, v: number): void {
+    if (rowIndex >= 0 && rowIndex < this.rows.length && columnIndex >= 0 && columnIndex < this.columns.length) {
+      const cell = new Cell(v)
+      cell.setWidth(this.columns[columnIndex].header.length)
+      this.columns[columnIndex].setCell(rowIndex, cell)
+      this.rows[rowIndex].setCell(columnIndex, cell)
+      // Update width of the last cell ("Total") of every row, so that it is shown
+      // correctly in string representation
+      const rowTotalWidth: number = Math.max(
+        // Based on the sum of all total values
+        this.rows.reduce((sum: number, r: Row): number => {
+          sum += r.total
+          return sum
+        }, 0).toString().length,
+        // Based on the width of "Total" header
+        HEADER_TOTAL.length,
+      )
+      this.rows.forEach((r: Row): void => r.setTotalWidth(rowTotalWidth))
+    }
+  }
+
+  public toString(): string {
+    const rowsStr: string[] = [];
+    if (this.rows.length > 0 && this.columns.length > 0) {
+      this.rows.forEach((row: Row): number => rowsStr.push(row.toString()));
+
+      const rowSeparator: string = rowsStr[0].replace(/[^|]/g, '-');
+      rowsStr.unshift(rowSeparator);
+      rowsStr.push(rowSeparator);
+
+      const rowTotal: string[] = [];
+      let sumTotal: number = 0;
+      for (const column of this.columns) {
+        const total: number = column.total;
+        rowTotal.push(`${total}${total.toString().length < column.width ? ' '.repeat(column.width - total.toString().length) : ''}`);
+        sumTotal += total;
+      }
+      const column1: string = `${HEADER_TOTAL}${this.rows[0].headerWidth > HEADER_TOTAL.length ? ' '.repeat(this.rows[0].headerWidth - HEADER_TOTAL.length) : ''}`;
+      const columnLast: string = `${sumTotal}${sumTotal.toString().length < HEADER_TOTAL.length ? ' '.repeat(HEADER_TOTAL.length - sumTotal.toString().length) : ''}`;
+      rowsStr.push(`|${column1}|${rowTotal.join('|')}|${columnLast}|`);
+
+      // Insert first row with titles and second row with separator
+      const rowTop: string[] = [
+        this.header + (this.header.length < this.rows[0].headerWidth ? ' '.repeat(this.rows[0].headerWidth - this.header.length) : ''),
+        this.columns
+          .map((c: Column): string => `${c.header}${c.header.length < c.width ? ' '.repeat(c.width - c.header.length) : ''}`)
+          .join('|'),
+        HEADER_TOTAL + (HEADER_TOTAL.length < this.rows[0].totalWidth ? ' '.repeat(this.rows[0].totalWidth - HEADER_TOTAL.length) : ''),
+      ];
+      rowsStr.unshift(`|${rowTop.join('|')}|`);
+    }
+
+    return rowsStr
+      .join('\n')
+      .replace(/[|]/g, ' | ');
+  }
+}

package/src/system.ts

@@ -0,0 +1,27 @@
+import { z, type ZodSafeParseResult } from 'zod';
+import Logger from './Logger';
+import { version, sha, buildAt } from './metadata.json';
+
+/**
+ * Prints metadata information into the logs, such as library version, SHA and
+ * build time.
+ * @internal
+ */
+export function logMetadata(): void {
+  const logger = new Logger(logMetadata.name);
+  logger.info(`version: ${version}`);
+  logger.info(`sha: ${sha}`);
+  logger.info(`built at: ${buildAt}`);
+}
+
+/**
+ * Checks if it is running in GitHub Actions with debug mode enabled.
+ * @returns false if ACTIONS_STEP_DEBUG env var is falsy, otherwise returns true.
+ * @internal
+ */
+export function isDebug(): boolean {
+  const parseResult: ZodSafeParseResult<boolean> = z.stringbool().safeParse(
+    process.env.ACTIONS_STEP_DEBUG
+  );
+  return parseResult.success && parseResult.data;
+}

package/src/types.ts

@@ -1,48 +1,7 @@
-import { Run } from 'sarif'
-import { ColorOptions } from './model/color/ColorOptions'
-import FindingArray from './model/FindingArray'
-import { SendIf } from './model/SendIf'
-
-/**
- * Enum representing log levels for the service.
- * @public
- */
-export enum LogLevel {
-  /**
-   * Represents the most verbose logging level, typically used for detailed
-   * debugging information.
-   */
-  Silly = 0,
-  /**
-   * Represents a logging level for tracing the flow of the application.
-   */
-  Trace = 1,
-  /**
-   * Represents a logging level for debugging information that is less verbose
-   * than silly.
-   */
-  Debug = 2,
-  /**
-   * Represents a logging level for general informational messages that highlight
-   * the progress of the application.
-   */
-  Info = 3,
-  /**
-   * Represents a logging level for potentially harmful situations that require
-   * attention.
-   */
-  Warning = 4,
-  /**
-   * Represents a logging level for error conditions that do not require immediate
-   * action but should be noted.
-   */
-  Error = 5,
-  /**
-   * Represents a logging level for critical errors that require immediate attention
-   * and may cause the application to terminate.
-   */
-  Fatal = 6
-}
+import type { Run } from 'sarif'
+import type { ColorOptions } from './model/color/ColorOptions'
+import type FindingArray from './model/FindingArray'
+import type { SendIf } from './model/SendIf'
 
 /**
  * Type representing properties that indicate whether to include certain information
@@ -174,19 +133,92 @@ export enum RepresentationType {
    * ```
    */
   CompactTotalPerSeverity = 7,
-}
-
-/**
- * Options for logging.
- * @public
- */
-export type LogOptions = {
-  level?: LogLevel,
   /**
-   * More details here: https://github.com/fullstack-build/tslog?tab=readme-ov-file#pretty-templates-and-styles-color-settings
+   * Table information about findings grouped by Run with the level representation.
+   * @example
+   * ```text
+   * |       | Unknown | None | Note | Warning | Error | Total |
+   * | ----- | ------- | ---- | ---- | ------- | ----- | ----- |
+   * | 1     | 0       | 0    | 0    | 1       | 0     | 1     |
+   * | 2     | 0       | 0    | 9    | 20      | 10    | 39    |
+   * | 3     | 0       | 0    | 1    | 0       | 1     | 2     |
+   * | 4     | 0       | 0    | 5    | 5       | 0     | 10    |
+   * | ----- | ------- | ---- | ---- | ------- | ----- | ----- |
+   * | Total | 0       | 0    | 15   | 26      | 11    | 52    |
+   * ```
+   */
+  TableGroupByRunPerLevel = 8,
+  /**
+   * Table information about findings grouped by Run with the severity representation.
+   * @example
+   * ```text
+   * |       | Unknown | None | Low | Medium | High | Critical | Total |
+   * | ----- | ------- | ---- | --- | ------ | ---- | -------- | ----- |
+   * | 1     | 0       | 0    | 0   | 1      | 0    | 0        | 1     |
+   * | 2     | 0       | 0    | 9   | 20     | 10   | 0        | 39    |
+   * | 3     | 0       | 0    | 1   | 0      | 1    | 0        | 2     |
+   * | 4     | 0       | 0    | 5   | 5      | 0    | 0        | 10    |
+   * | ----- | ------- | ---- | --- | ------ | ---- | -------- | ----- |
+   * | Total | 0       | 0    | 15  | 26     | 11   | 0        | 52    |
+   * ```
+   */
+  TableGroupByRunPerSeverity = 9,
+  /**
+   * Table information about findings grouped by tool name with the level representation.
+   * @example
+   * ```text
+   * |        | Unknown | None | Note | Warning | Error | Total |
+   * | ------ | ------- | ---- | ---- | ------- | ----- | ----- |
+   * | CodeQL | 0       | 0    | 0    | 1       | 0     | 1     |
+   * | grype  | 0       | 0    | 9    | 20      | 10    | 39    |
+   * | Trivy  | 0       | 0    | 1    | 0       | 1     | 2     |
+   * | WizCLI | 0       | 0    | 5    | 5       | 0     | 10    |
+   * | ------ | ------- | ---- | ---- | ------- | ----- | ----- |
+   * | Total  | 0       | 0    | 15   | 26      | 11    | 52    |
+   * ```
    */
-  template?: string,
-  colored?: boolean,
+  TableGroupByToolNamePerLevel = 10,
+  /**
+   * Table information about findings grouped by tool name with the severity representation.
+   * @example
+   * ```text
+   * |        | Unknown | None | Low | Medium | High | Critical | Total |
+   * | ------ | ------- | ---- | --- | ------ | ---- | -------- | ----- |
+   * | CodeQL | 0       | 0    | 0   | 1      | 0    | 0        | 1     |
+   * | grype  | 0       | 0    | 9   | 20     | 10   | 0        | 39    |
+   * | Trivy  | 0       | 0    | 1   | 0      | 1    | 0        | 2     |
+   * | WizCLI | 0       | 0    | 5   | 5      | 0    | 0        | 10    |
+   * | ------ | ------- | ---- | --- | ------ | ---- | -------- | ----- |
+   * | Total  | 0       | 0    | 15  | 26     | 11   | 0        | 52    |
+   * ```
+   */
+  TableGroupByToolNamePerSeverity = 11,
+  /**
+   * Table information about findings grouped by SARIF file with the level representation.
+   * @example
+   * ```text
+   * |       | Unknown | None | Note | Warning | Error | Total |
+   * | ----- | ------- | ---- | ---- | ------- | ----- | ----- |
+   * | 1     | 0       | 0    | 0    | 1       | 0     | 1     |
+   * | 2     | 0       | 0    | 9    | 20      | 10    | 39    |
+   * | ----- | ------- | ---- | ---- | ------- | ----- | ----- |
+   * | Total | 0       | 0    | 9    | 21      | 10    | 40    |
+   * ```
+   */
+  TableGroupBySarifPerLevel = 12,
+  /**
+   * Table information about findings grouped by SARIF file with the severity representation.
+   * @example
+   * ```text
+   * |       | Unknown | None | Low | Medium | High | Critical | Total |
+   * | ----- | ------- | ---- | --- | ------ | ---- | -------- | ----- |
+   * | 1     | 0       | 0    | 0   | 1      | 0    | 0        | 1     |
+   * | 2     | 0       | 0    | 9   | 20     | 10   | 0        | 39    |
+   * | ----- | ------- | ---- | --- | ------ | ---- | -------- | ----- |
+   * | Total | 0       | 0    | 9   | 21     | 10   | 0        | 40    |
+   * ```
+   */
+  TableGroupBySarifPerSeverity = 13,
 }
 
 /**
@@ -211,12 +243,10 @@ export type SarifOptions = {
  * @public
  */
 export type SarifToSlackClientOptions = {
-  webhookUrl: string,
   sarif: SarifOptions,
   username?: string,
   iconUrl?: string,
   color?: ColorOptions,
-  log?: LogOptions,
   header?: IncludeAwareWithValueOptions,
   footer?: FooterOptions,
   actor?: IncludeAwareWithValueOptions,
@@ -241,6 +271,11 @@ export enum SecuritySeverity {
   Critical = 5,
 }
 
+export const SecuritySeverityValues: string[] =
+  Object.values(SecuritySeverity).filter(
+    (v: string | SecuritySeverity): v is string => typeof v === 'string'
+  )
+
 /**
  * Enum of security level.
  * @privateRemarks Order should remain unchanged. It is used in multiple places,
@@ -256,6 +291,11 @@ export enum SecurityLevel {
   Error = 4,
 }
 
+export const SecurityLevelValues: string[] =
+  Object.values(SecurityLevel).filter(
+    (v: string | SecurityLevel): v is string => typeof v === 'string'
+  )
+
 /**
  * The data about run, such as {@link Run} itself, tool name of the run and ID
  * which is manually generated and unique within a single execution.

package/src/utils/Comparators.ts

@@ -1,4 +1,4 @@
-import Finding from '../model/Finding'
+import type Finding from '../model/Finding'
 
 /**
  * This function returns a comparator function based on the property of the

package/src/utils/FileUtils.ts

@@ -1,31 +1,35 @@
-import fs from 'fs'
-import Logger from '../Logger'
-import { SarifFileExtension, SarifOptions } from '../types'
-import * as path from 'path'
+import fs from 'node:fs';
+import * as path from 'node:path';
+import Logger from '../Logger';
+import type { SarifFileExtension, SarifOptions } from '../types';
 
 /**
  * Traverse directory recursively and returns list of files with the requested
  * extension.
  * @param dir A root directory. Starting point.
+ * @param recursive Whether to list files recursively or not.
  * @param extension An instance of {@link SarifFileExtension} type.
  * @param fileList Collected list of files.
  * @private
  */
-function listFilesRecursively(
+function listFiles(
   dir: string,
+  recursive: boolean,
   extension: SarifFileExtension,
   fileList: string[] = []
 ): string[] {
-  const entries: string[] = fs.readdirSync(dir)
-  entries.forEach((entry: string): void => {
-    const fullPath: string = path.join(dir, entry)
-    if (fs.statSync(fullPath).isDirectory()) {
-      listFilesRecursively(fullPath, extension, fileList)
-    } else if (path.extname(fullPath).toLowerCase() === `.${extension}`) {
-      fileList.push(fullPath)
-    }
-  })
-  return fileList
+  if (fs.statSync(dir).isDirectory()) {
+    const entries: string[] = fs.readdirSync(dir);
+    entries.forEach((entry: string): void => {
+      const fullPath: string = path.join(dir, entry);
+      if (recursive && fs.statSync(fullPath).isDirectory()) {
+        listFiles(fullPath, recursive, extension, fileList);
+      } else if (path.extname(fullPath).toLowerCase() === `.${extension}`) {
+        fileList.push(fullPath);
+      }
+    })
+  }
+  return fileList;
 }
 
 /**
@@ -35,26 +39,25 @@ function listFilesRecursively(
  * @internal
  */
 export function extractListOfFiles(opts: SarifOptions): string[] {
+  const logger = new Logger(extractListOfFiles.name);
   if (!fs.existsSync(opts.path)) {
-    throw new Error(`Provided path does not exist: ${opts.path}`)
+    throw new Error(`Provided path does not exist: ${opts.path}`);
   }
 
-  const stats: fs.Stats = fs.statSync(opts.path)
+  const stats: fs.Stats = fs.statSync(opts.path);
 
   if (stats.isDirectory()) {
-    Logger.info(`Provided path is a directory: ${opts.path}`)
-    const files: string[] = opts.recursive
-      && listFilesRecursively(opts.path, opts.extension ?? 'sarif')
-      || fs.readdirSync(opts.path)
-    Logger.info(`Found ${files.length} files in ${opts.path} directory with ${opts.extension} extension`)
-    Logger.debug(`Found files: ${files.join(', ')}`)
-    return files
+    logger.info(`Provided path is a directory: ${opts.path}`);
+    const files: string[] = listFiles(opts.path, !!opts.recursive, opts.extension ?? 'sarif');
+    logger.info(`Found ${files.length} files in ${opts.path} directory with ${opts.extension} extension`);
+    logger.debug(`Found files: ${files.join(', ')}`);
+    return files;
   }
 
   if (stats.isFile()) {
-    Logger.info(`Provided path is a file: ${opts.path}`)
-    return [opts.path]
+    logger.info(`Provided path is a file: ${opts.path}`);
+    return [opts.path];
   }
 
-  throw new Error(`Provided path is neither a file nor a directory: ${opts.path}`)
+  throw new Error(`Provided path is neither a file nor a directory: ${opts.path}`);
 }

package/src/utils/StringUtils.ts

@@ -0,0 +1,7 @@
+export function randomAlphabetic(length: number): string {
+  const alphabet = 'abcdefghijklmnopqrstuvwxyz'
+  return Array.from(
+    { length },
+    (): string => alphabet[Math.floor(Math.random() * alphabet.length)]
+  ).join('')
+}