From 7ea8130da3157d205c5f49b4c4532622e9c8c421 Mon Sep 17 00:00:00 2001
From: Michael Sverdlov
Date: Tue, 12 Sep 2023 15:59:18 +0300
Subject: [PATCH] Improve Golang audit logs (#948)
---
 xray/commands/audit/sca/go/golang.go | 2 +-
 xray/commands/audit/scarunner.go | 4 +-
 xray/utils/analyzermanager_test.go | 6 ++-
 xray/utils/sarifutils.go | 59 +---------------------------
 4 files changed, 9 insertions(+), 62 deletions(-)
diff --git a/xray/commands/audit/sca/go/golang.go b/xray/commands/audit/sca/go/golang.go
index 86c35fc12..2135bcb75 100644
--- a/xray/commands/audit/sca/go/golang.go
+++ b/xray/commands/audit/sca/go/golang.go
@@ -29,7 +29,7 @@ func BuildDependencyTree(server *config.ServerDetails, remoteGoRepo string) (dep
 }
 // Calculate go dependencies graph
 dependenciesGraph, err := goutils.GetDependenciesGraph(currentDir)
- if err != nil {
+ if err != nil || len(dependenciesGraph) == 0 {
 return
 }
 // Calculate go dependencies list
diff --git a/xray/commands/audit/scarunner.go b/xray/commands/audit/scarunner.go
index 3f8e6144e..7f209fa29 100644
--- a/xray/commands/audit/scarunner.go
+++ b/xray/commands/audit/scarunner.go
@@ -79,7 +79,7 @@ func runScaScanOnWorkingDir(params *AuditParams, results *Results, workingDir, r
 err = errors.Join(err, fmt.Errorf("failed while building '%s' dependency tree:\n%s\n", tech, techErr.Error()))
 continue
 }
- if len(flattenTree.Nodes) == 0 {
+ if flattenTree == nil || len(flattenTree.Nodes) == 0 {
 err = errors.Join(err, errors.New("no dependencies were found. Please try to build your project and re-run the audit command"))
 continue
 }
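Review bot: The new `|| len(dependenciesGraph) == 0` branch returns without writing anything to the log, so an empty module graph leaves no trace in the audit output even though the commit's stated purpose is better Go audit logs; the same silent early return is added to GetTechDependencyTree in scarunner.go (`if err != nil || len(uniqueDeps) == 0`). A debug line before the `return`, e.g. `log.Debug("No Go dependencies were found in " + currentDir)`, would let a user tell an empty graph apart from a failed one, assuming golang.go imports the same `log` package that scarunner.go uses. BuildDependencyTree's signature is cut off in the hunk header and its body continues outside the hunk, so whether the named results are deliberately left at their zero values on this path cannot be confirmed here.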
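Review bot: The "no dependencies were found" error joined on the line after the new nil guard does not name `tech`, unlike the build-failure message three lines above it, so when the loop scans several technologies the joined error does not say which one came back empty. Since `fmt` is already used in this hunk, `err = errors.Join(err, fmt.Errorf("no '%s' dependencies were found. Please try to build your project and re-run the audit command", tech))` keeps the wording and adds the technology. The nil check itself looks necessary: GetTechDependencyTree now returns early with a nil error when `uniqueDeps` is empty, and `flattenTree` is presumably nil on that path. runScaScanOnWorkingDir continues outside the hunk.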
@@ -158,7 +158,7 @@ func GetTechDependencyTree(params *xrayutils.AuditBasicParams, tech coreutils.Te
 default:
 err = errorutils.CheckErrorf("%s is currently not supported", string(tech))
 }
- if err != nil {
+ if err != nil || len(uniqueDeps) == 0 {
 return
 }
 log.Debug(fmt.Sprintf("Created '%s' dependency tree with %d nodes. Elapsed time: %.1f seconds.", tech.ToFormal(), len(uniqueDeps), time.Since(startTime).Seconds()))
diff --git a/xray/utils/analyzermanager_test.go b/xray/utils/analyzermanager_test.go
index 602d33686..c8637a7e2 100644
--- a/xray/utils/analyzermanager_test.go
+++ b/xray/utils/analyzermanager_test.go
@@ -79,13 +79,15 @@ func TestExtractRelativePath(t *testing.T) {
 expectedResult string
 }{
 {secretPath: "file:///Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js",
- projectPath: "Users/user/Desktop/secrets_scanner/", expectedResult: "/tests/req.nodejs/file.js"},
+ projectPath: "Users/user/Desktop/secrets_scanner/", expectedResult: "tests/req.nodejs/file.js"},
 {secretPath: "invalidSecretPath", projectPath: "Users/user/Desktop/secrets_scanner/", expectedResult: "invalidSecretPath"},
 {secretPath: "", projectPath: "Users/user/Desktop/secrets_scanner/", expectedResult: ""},
 {secretPath: "file:///Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js",
- projectPath: "invalidProjectPath", expectedResult: "/Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js"},
+ projectPath: "invalidProjectPath", expectedResult: "Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js"},
+ {secretPath: "file:///private/Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js",
+ projectPath: "invalidProjectPath", expectedResult: "Users/user/Desktop/secrets_scanner/tests/req.nodejs/file.js"},
 }
 for _, test := range tests {
diff --git a/xray/utils/sarifutils.go b/xray/utils/sarifutils.go
index 8f7cdf3be..5b5d31ab2 100644
--- a/xray/utils/sarifutils.go
+++ b/xray/utils/sarifutils.go
@@ -81,62 +81,6 @@ func AggregateMultipleRunsIntoSingle(runs []*sarif.Run, destination *sarif.Run)
 }
 }
-func getRunInformationUri(run *sarif.Run) string {
- if run != nil && run.Tool.Driver != nil && run.Tool.Driver.InformationURI != nil {
- return *run.Tool.Driver.InformationURI
- }
- return ""
-}
-
-// Calculate new information that exists at the run and not at the source
-func GetDiffFromRun(sources []*sarif.Run, targets []*sarif.Run) (runWithNewOnly *sarif.Run) {
- // Combine
- combinedSource := sarif.NewRunWithInformationURI(sources[0].Tool.Driver.Name, getRunInformationUri(sources[0])).WithInvocations([]*sarif.Invocation{})
- AggregateMultipleRunsIntoSingle(sources, combinedSource)
- if combinedSource == nil {
- return
- }
- if len(targets) == 0 {
- return combinedSource
- }
- combinedTarget := sarif.NewRunWithInformationURI(targets[0].Tool.Driver.Name, getRunInformationUri(targets[0])).WithInvocations([]*sarif.Invocation{})
- AggregateMultipleRunsIntoSingle(targets, combinedTarget)
- if combinedTarget == nil {
- return combinedSource
- }
- // Get diff
- runWithNewOnly = sarif.NewRun(combinedSource.Tool).WithInvocations(combinedSource.Invocations)
- for _, sourceResult := range combinedSource.Results {
- targetMatchingResults := GetResultsByRuleId(combinedTarget, *sourceResult.RuleID)
- if len(targetMatchingResults) == 0 {
- runWithNewOnly.AddResult(sourceResult)
- if rule, _ := combinedSource.GetRuleById(*sourceResult.RuleID); rule != nil {
- runWithNewOnly.Tool.Driver.AddRule(rule)
- }
- continue
- }
- for _, targetMatchingResult := range targetMatchingResults {
- if len(sourceResult.Locations) > len(targetMatchingResult.Locations) ||
- len(sourceResult.CodeFlows) > len(targetMatchingResult.CodeFlows) {
- runWithNewOnly.AddResult(sourceResult)
- if rule, _ := combinedSource.GetRuleById(*sourceResult.RuleID); rule != nil {
- runWithNewOnly.Tool.Driver.AddRule(rule)
- }
- }
- }
- }
- return
-}
-
-func FilterResultsByRuleIdAndMsgText(source []*sarif.Result,
ruleId, msgText string) (results []*sarif.Result) {
- for _, result := range source {
- if ruleId == *result.RuleID && msgText == GetResultMsgText(result) {
- results = append(results, result)
- }
- }
- return
-}
-
 func GetLocationRelatedCodeFlowsFromResult(location *sarif.Location, result *sarif.Result) (codeFlows []*sarif.CodeFlow) {
 for _, codeFlow := range result.CodeFlows {
 for _, stackTrace := range codeFlow.ThreadFlows {
@@ -300,7 +244,8 @@ func ExtractRelativePath(resultPath string, projectRoot string) string {
 // Get relative path
 relativePath := strings.ReplaceAll(resultPath, projectRoot, "")
- return strings.TrimPrefix(relativePath, string(filepath.Separator))
+ trimSlash := strings.TrimPrefix(relativePath, string(filepath.Separator))
+ return strings.TrimPrefix(trimSlash, "/")
 }
 func GetResultSeverity(result *sarif.Result) string {
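Review bot: `strings.ReplaceAll(resultPath, projectRoot, "")` on the context line above the change removes every occurrence of projectRoot, not only the leading one, so a result whose path repeats the project root further down (a nested checkout or vendored copy of the same tree) loses that inner segment too; the two added TrimPrefix lines only tidy the leading separator and leave this as it was. If the lines above the hunk normalize resultPath so that it starts with projectRoot, `relativePath := strings.TrimPrefix(resultPath, projectRoot)` is the precise form, and `return strings.TrimLeft(relativePath, "/"+string(filepath.Separator))` collapses the two added lines while also handling a doubled separator, which a single TrimPrefix per character leaves in place. ExtractRelativePath begins before the hunk, so whatever normalization it applies to resultPath (the `file://` and `/private` handling the test table expects) is not visible here.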