search

microsoft / sarif-tools

A set of Python command line tools for working with SARIF files produced by code analysis tools
MIT License
76 stars 19 forks source link

Diff is not showing where the changes where #18

Closed chaudron closed 9 months ago

chaudron commented 1 year ago

When running a diff on a large directory, the diff output does not give any hints on where to look for the new issue.

For example the below:

    error level: +0 -0 no changes
    warning level: +1 +0
      New issue "deadcode.DeadStores Value stored to 'error' is never read" (1 occurence)
    note level: +0 -0 no changes
    all levels: +1 +0

To figure out where it happened I did the following:

sarif csv -o sarif_org ~/ovs/tests/clang-analyzer-results/2023-06-27-165114-1160621-1
sarif csv -o sarif_new ~/ovs/tests/clang-analyzer-results/2023-06-27-165604-1179114-1

sort sarif_org/static_analysis_output.csv > sarif_org.txt
sort sarif_new/static_analysis_output.csv > sarif_new.txt
diff sarif_org.txt sarif_new.txt

But this is also showing line changes, etc. etc.

chaudron commented 9 months ago

Thanks for fixing this!! It works like a charm ;)

error level: +0 -0 no changes
warning level: +0 +0
  Number of occurrences 40 -> 41 (+1) for issue "unix.Malloc Use of memory after it is freed"
    file:///home/echaudron/Documents/review/ovs_quick/lib/netdev.c:243
note level: +0 -0 no changes
all levels: +0 +0