Open mweihberg opened 5 months ago
Maybe i´ve found the lines of code which causes this behaviour. https://github.com/microsoft/sarif-azuredevops-extension/blob/d6f6de3cd58f9ba7d3779b395355abeb5f1d89f4/src/build.tsx#L129C4-L137C5
// Show file names when the tool names are homogeneous.
if (files.length > 1 && toolNamesSet.size === 1) {
logs.forEach((log, i) =>
log.runs.forEach(run => {
run.properties = run.properties || {}
run.properties['logFileName'] = files[i].name
})
)
}
I don´t think that this behaviour is really useful. Its difficult to get the information for a specific run.
Agreed, I've also found this confusing.
I created a fork and deployed on our local TFS with
if (files.length > 1) {
logs.forEach((log, i) =>
log.runs.forEach(run => {
run.properties = run.properties || {}
run.properties['logFileName'] = files[i].name
})
)
}
It worked!
So please try to enhance it for the next release.
In our project we are doing many sarif scans: trivy + hadolint for every container we are going to build. All sarif files ending up in CodeAnalysisLogs with their respective name e.g. hadolint-{containerName}.sarif or trivy-{containerName}.sarif.
But in the Scans Tab their accordions are listed only like this
Whats the cause of it?