From 2dd4f9e1793ec2309dbe3df5f5dd709da3927721 Mon Sep 17 00:00:00 2001 From: "David B. Schott" Date: Thu, 18 Jan 2024 19:17:07 -0500 Subject: [PATCH] fix: SARIF: artifactChanges property cannot be empty (#5010) --- src/lib/formatters/get-sarif-result.ts | 21 ++++++++++++++++++- .../open-source-sarif-output.spec.ts.snap | 18 +++++++++++++++- 2 files changed, 37 insertions(+), 2 deletions(-) diff --git a/src/lib/formatters/get-sarif-result.ts b/src/lib/formatters/get-sarif-result.ts index d51f72155c..9f3276c5ca 100644 --- a/src/lib/formatters/get-sarif-result.ts +++ b/src/lib/formatters/get-sarif-result.ts @@ -41,7 +41,26 @@ export function getResults(testResult: TestResult): sarif.Result[] { description: { text: `Upgrade to ${vuln.upgradePath[1]}`, }, - artifactChanges: [], + artifactChanges: [ + { + artifactLocation: { + uri: getArtifactLocationUri( + testResult.displayTargetFile, + testResult.path, + ), + }, + replacements: [ + { + deletedRegion: { + startLine: vuln.lineNumber || 1, + }, + insertedContent: { + text: vuln.upgradePath[1] as string, + }, + }, + ], + }, + ], }, ] : undefined, diff --git a/test/jest/unit/lib/formatters/__snapshots__/open-source-sarif-output.spec.ts.snap b/test/jest/unit/lib/formatters/__snapshots__/open-source-sarif-output.spec.ts.snap index 3addd46da5..e2507f8fb3 100644 --- a/test/jest/unit/lib/formatters/__snapshots__/open-source-sarif-output.spec.ts.snap +++ b/test/jest/unit/lib/formatters/__snapshots__/open-source-sarif-output.spec.ts.snap @@ -9,7 +9,23 @@ Object { Object { "fixes": Array [ Object { - "artifactChanges": Array [], + "artifactChanges": Array [ + Object { + "artifactLocation": Object { + "uri": "package.json", + }, + "replacements": Array [ + Object { + "deletedRegion": Object { + "startLine": 1, + }, + "insertedContent": Object { + "text": "jimp@0.2.28", + }, + }, + ], + }, + ], "description": Object { "text": "Upgrade to jimp@0.2.28", },