microsoft / sarif-sdk

.NET code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oasis-tcs/sarif-spec)

In HDF->SARIF, conversion will fail if no version is specified #2728

Open Jiri-Stary opened 9 months ago

Jiri-Stary commented 9 months ago

My use case is that I am getting a SonarQube report in HDF using the MITRE SAF tool, then running the HDF -> SARIF conversion.

When the SonarQube project does not contain a project version, the conversion to SARIF will crash.

In particular, in the HDF file the version is null: "profiles":[{"name":"Sonarqube Scan","version":null,

Attaching sample file sonarqube_scan.json

Log file:

Newtonsoft.Json.JsonSerializationException: Required property 'version' expects a non-null value. Path 'profiles[0]', line 1, position 574.
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.EndProcessProperty(Object newObject, JsonReader reader, JsonObjectContract contract, Int32 initialDepth, JsonProperty property, PropertyPresence presence, Boolean setDefaultValue)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateObject(Object newObject, JsonReader reader, JsonObjectContract contract, JsonProperty member, String id)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateObject(JsonReader reader, Type objectType, JsonContract contract, JsonProperty member, JsonContainerContract containerContract, JsonProperty containerMember, Object existingValue)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(JsonReader reader, Type objectType, JsonContract contract, JsonProperty member, JsonContainerContract containerContract, JsonProperty containerMember, Object existingValue)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateList(IList list, JsonReader reader, JsonArrayContract contract, JsonProperty containerProperty, String id)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateList(JsonReader reader, Type objectType, JsonContract contract, JsonProperty member, Object existingValue, String id)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(JsonReader reader, Type objectType, JsonContract contract, JsonProperty member, JsonContainerContract containerContract, JsonProperty containerMember, Object existingValue)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.SetPropertyValue(JsonProperty property, JsonConverter propertyConverter, JsonContainerContract containerContract, JsonProperty containerProperty, JsonReader reader, Object target)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.PopulateObject(Object newObject, JsonReader reader, JsonObjectContract contract, JsonProperty member, String id)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateObject(JsonReader reader, Type objectType, JsonContract contract, JsonProperty member, JsonContainerContract containerContract, JsonProperty containerMember, Object existingValue)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.CreateValueInternal(JsonReader reader, Type objectType, JsonContract contract, JsonProperty member, JsonContainerContract containerContract, JsonProperty containerMember, Object existingValue)
   at Newtonsoft.Json.Serialization.JsonSerializerInternalReader.Deserialize(JsonReader reader, Type objectType, Boolean checkAdditionalContent)
   at Newtonsoft.Json.JsonSerializer.DeserializeInternal(JsonReader reader, Type objectType)
   at Newtonsoft.Json.JsonSerializer.Deserialize(JsonReader reader, Type objectType)
   at Newtonsoft.Json.JsonConvert.DeserializeObject(String value, Type type, JsonSerializerSettings settings)
   at Newtonsoft.Json.JsonConvert.DeserializeObject[T](String value, JsonSerializerSettings settings)
   at Microsoft.CodeAnalysis.Sarif.Converters.HdfModel.HdfFile.FromJson(String json) in //src/Sarif.Converters/HdfModel/HdfFile.cs:line 26
   at Microsoft.CodeAnalysis.Sarif.Converters.HdfConverter.Convert(Stream input, IResultLogWriter output, OptionallyEmittedData dataToInsert) in //src/Sarif.Converters/HdfConverter.cs:line 29
   at Microsoft.CodeAnalysis.Sarif.Converters.ToolFormatConverter.ConvertToStandardFormat(String toolFormat, Stream inputStream, IResultLogWriter outputStream, OptionallyEmittedData dataToInsert, String pluginAssemblyPath) in //src/Sarif.Converters/ToolFormatConverter.cs:line 94
   at Microsoft.CodeAnalysis.Sarif.Converters.ToolFormatConverter.ConvertToStandardFormat(String toolFormat, String inputFileName, String outputFileName, FilePersistenceOptions logFilePersistenceOptions, OptionallyEmittedData dataToInsert, String pluginAssemblyPath) in //src/Sarif.Converters/ToolFormatConverter.cs:line 62
   at Microsoft.CodeAnalysis.Sarif.Multitool.ConvertCommand.Run(ConvertOptions convertOptions, IFileSystem fileSystem) in /_/src/Sarif.Multitool.Library/ConvertCommand.cs:line 55
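
A pre-conversion check for the condition reported above, added here as an example; it is not part of the original issue and not sarif-sdk code. It flags HDF profiles whose `version` is null or absent and can fill a placeholder. The function names, the sample document and the placeholder string are assumptions, and the page does not confirm that the converter accepts a file patched this way.

```python
import copy
import json

# Constructed sample modelled on the fragment quoted in the issue; not the attached file.
SAMPLE_HDF = '''{"platform": {"name": "sonarqube"},
 "profiles": [{"name": "Sonarqube Scan", "version": null, "controls": []},
              {"name": "Other Scan", "version": "1.2.0", "controls": []},
              {"name": "No Version Key", "controls": []}]}'''

PLACEHOLDER = "0.0.0-unknown"  # assumption: an arbitrary non-null string, not a value from the page


def find_unversioned_profiles(doc):
    """Return (index, name, reason) for each profile whose version is null or absent."""
    profiles = doc.get("profiles") if isinstance(doc, dict) else None
    if not isinstance(profiles, list):
        raise ValueError("HDF document has no 'profiles' array")
    findings = []
    for i, profile in enumerate(profiles):
        if not isinstance(profile, dict):
            raise ValueError(f"profiles[{i}] is not an object")
        if "version" not in profile:
            findings.append((i, profile.get("name"), "missing"))
        elif profile["version"] is None:
            # The case in the report: "version":null at Path 'profiles[0]'.
            findings.append((i, profile.get("name"), "null"))
    return findings


def patch_versions(doc, placeholder=PLACEHOLDER):
    """Return a copy of doc with the placeholder set wherever version was null or absent."""
    patched = copy.deepcopy(doc)  # leave the scanner's original output untouched
    for i, _name, _reason in find_unversioned_profiles(doc):
        patched["profiles"][i]["version"] = placeholder
    return patched


if __name__ == "__main__":
    hdf = json.loads(SAMPLE_HDF)
    for index, name, reason in find_unversioned_profiles(hdf):
        print(f"profiles[{index}] ({name!r}): version is {reason}")
    print(json.dumps(patch_versions(hdf), indent=2))
```
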