korext 0.9.3 → 0.9.4

Files changed (2) hide show
  1. package/bin/korext.js +34 -16
  2. package/package.json +1 -1
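--- a/package/bin/korext.js
+++ b/package/bin/korext.js
@@ -172,8 +172,11 @@ program
  .action((tokenArg) => {
  let token = tokenArg;
  if (!token) {
- console.log(`\nPlease generate an API token at ${chalk.cyan('https://app.korext.com/settings/tokens')}`);
- console.log(`Then run: ${chalk.green('korext login <your-token>')}\n`);
+ console.log(`\nTo authenticate, sign in at ${chalk.cyan('https://app.korext.com')} and use your session token.`);
+ console.log(`Long-lived API tokens for CI/CD are coming soon.`);
+ console.log(`\nFor CI/CD, Korext works in anonymous mode (20 requests per hour).`);
+ console.log(`Set ${chalk.green('KOREXT_API_TOKEN')} for higher limits.`);
+ console.log(`\nThen run: ${chalk.green('korext login <your-token>')}\n`);
  process.exit(1);
  }
  const config = getConfig();
@@ -331,9 +334,12 @@ program
 
  let usedLocalEngine = false;
 
+ const resolvedDir = path.resolve(dir);
+
  for (let i = 0; i < files.length; i++) {
  const file = files[i];
  const displayPath = path.relative(process.cwd(), file);
+ const sarifPath = path.relative(resolvedDir, file);
 
  let fileSpinner = null;
  if (isText) fileSpinner = ora(`Analyzing ${displayPath} (${i + 1}/${files.length})...`).start();
@@ -433,39 +439,51 @@ program
  }
  storedV.push(v);
  }
- report.results.push({ file: displayPath, violations: storedV });
+ report.results.push({ file: displayPath, sarifFile: sarifPath, violations: storedV });
  } else {
  if (fileSpinner) fileSpinner.stop();
- report.results.push({ file: displayPath, violations: [] });
+ report.results.push({ file: displayPath, sarifFile: sarifPath, violations: [] });
  }
  }
 
  if (format === 'json') {
  console.log(JSON.stringify(report, null, 2));
  } else if (format === 'sarif') {
- const sarif = {
- version: "2.1.0",
- $schema: "https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/os/schemas/sarif-schema-2.1.0.json",
- runs: [{
- tool: { driver: { name: "Korext", version } },
- results: []
- }]
- };
+ // Build SARIF results
+ const sarifResults = [];
  for (const res of report.results) {
  for (const v of res.violations) {
- sarif.runs[0].results.push({
- ruleId: v.ruleName,
+ const messageText = v.explanation
+ || (v.ruleName ? v.ruleName + ': ' + (v.message || 'violation detected') : (v.ruleId || 'unknown') + ' violation detected');
+ sarifResults.push({
+ ruleId: v.ruleName || v.ruleId || 'unknown',
  level: v.severity === 'critical' || v.severity === 'high' ? "error" : v.severity === 'medium' ? "warning" : "note",
- message: { text: v.explanation },
+ message: { text: messageText },
  locations: [{
  physicalLocation: {
- artifactLocation: { uri: res.file },
+ artifactLocation: { uri: res.sarifFile || res.file },
  region: { startLine: v.line, startColumn: v.column || 1 }
  }
  }]
  });
  }
  }
+
+ // Build driver.rules from unique ruleIds
+ const ruleIds = [...new Set(sarifResults.map(r => r.ruleId))];
+ const rules = ruleIds.map(id => ({
+ id,
+ shortDescription: { text: id.replace(/-/g, ' ') }
+ }));
+
+ const sarif = {
+ version: "2.1.0",
+ $schema: "https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/os/schemas/sarif-schema-2.1.0.json",
+ runs: [{
+ tool: { driver: { name: "Korext", version, rules } },
+ results: sarifResults
+ }]
+ };
  console.log(JSON.stringify(sarif, null, 2));
  } else {
  console.log('\n' + chalk.dim('======================================='));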
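Review bot: The no-token branch in the first hunk now tells users to take their browser session token and pass it as `korext login <your-token>`, which puts a credential on the command line where shell history and process listings can capture it. A session token is presumably broader in scope and harder to rotate than a dedicated API token, so this guidance deserves a safer input path. Since the message already names `KOREXT_API_TOKEN`, the action could fall back to it, e.g. `let token = tokenArg || process.env.KOREXT_API_TOKEN;`, or read the token from stdin, and the help text should point to that instead of the argv form. The action's body continues outside the hunk, so whether the environment variable is already consulted elsewhere is not visible here.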
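--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "korext",
- "version": "0.9.3",
+ "version": "0.9.4",
  "description": "Korext Command Line Interface",
  "type": "module",
  "main": "bin/korext.js",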