Fix SARIF-formatter severity levels #3824
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@4ch1m While I am aware that we dump severity in different places, I do not think that is an issue by itself, mainly because once would be the severity of a rule in general and the other one would specific to a particular occurence. Still, the title of the PR does not mention or refer the exact bug it is addressing. I am asking this as I want to fully understand what was wrong before. Thanks |
|
Sure... I'll try to explain. The current implementation basically is using this function to obtain the severity (for both the general rule and the specific occurrence: ansible-lint/src/ansiblelint/errors.py Lines 116 to 123 in 5ca5679 NOTE: The result is "influenced" by External tools (IDE plugins, etc.) will use the SARIF output (and the given severity levels) to highlight/annotate Ansible code; which is problematic in many ways. Example: External tools should be able to give hints/advice about rules in general (with the rules original/general severity) and the actual error/occurrence. That's why this should be fixed as proposed in this PR. 😄 |
for more information, see https://pre-commit.ci
for more information, see https://pre-commit.ci
ssbarnea
approved these changes
Oct 10, 2023
ssbarnea
changed the title
nrdufour
added a commit
to nrdufour/home-ops
that referenced
this pull request
Oct 20, 2023
This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ansible-lint](https://github.com/ansible/ansible-lint) ([changelog](https://github.com/ansible/ansible-lint/releases)) | minor | `==6.20.3` -> `==6.21.1` | --- ### Release Notes <details> <summary>ansible/ansible-lint (ansible-lint)</summary> ### [`v6.21.1`](https://github.com/ansible/ansible-lint/releases/tag/v6.21.1) [Compare Source](ansible/ansible-lint@v6.21.0...v6.21.1) #### Bugfixes - Avoid exception caused by accidental unloading of core rules ([#​3857](ansible/ansible-lint#3857)) [@​ssbarnea](https://github.com/ssbarnea) - Document pre-commit access to ansible community bundle ([#​3856](ansible/ansible-lint#3856)) [@​ssbarnea](https://github.com/ssbarnea) - Fix bug with auto-fix ending too soon ([#​3855](ansible/ansible-lint#3855)) [@​ssbarnea](https://github.com/ssbarnea) ### [`v6.21.0`](https://github.com/ansible/ansible-lint/releases/tag/v6.21.0) [Compare Source](ansible/ansible-lint@v6.20.3...v6.21.0) #### Minor Changes - Allow linting plugin EXAMPLES as playbooks ([#​3309](ansible/ansible-lint#3309)) [@​Qalthos](https://github.com/Qalthos) #### Bugfixes - Add support for Rocky ([#​3843](ansible/ansible-lint#3843)) [@​facorazza](https://github.com/facorazza) - Update supported Ubuntu versions in `meta.json` ([#​3845](ansible/ansible-lint#3845)) [@​mcdonnnj](https://github.com/mcdonnnj) - Avoid false positives for handler in roles handlers directory ([#​3838](ansible/ansible-lint#3838)) [@​ajinkyau](https://github.com/ajinkyau) - Hide stacktrace when loading invalid yaml ([#​3844](ansible/ansible-lint#3844)) [@​ajinkyau](https://github.com/ajinkyau) - Add some platforms to `meta.json` ([#​3841](ansible/ansible-lint#3841)) [@​mcdonnnj](https://github.com/mcdonnnj) - Temporary avoid auto-fixing YAML files not owned by ansible ([#​3837](ansible/ansible-lint#3837)) [@​ssbarnea](https://github.com/ssbarnea) - Add environment variable for skipping schema update ([#​3835](ansible/ansible-lint#3835)) [@​ajinkyau](https://github.com/ajinkyau) - Avoid creating temporary YAML files inside source tree ([#​3819](ansible/ansible-lint#3819)) [@​Qalthos](https://github.com/Qalthos) - Document environment variables ([#​3833](ansible/ansible-lint#3833)) [@​ssbarnea](https://github.com/ssbarnea) - Update schemas ([#​3832](ansible/ansible-lint#3832)) [@​ssbarnea](https://github.com/ssbarnea) - Support complex requirements in argument_specs.yml ([#​3823](ansible/ansible-lint#3823)) [@​tapetersen](https://github.com/tapetersen) - Fix SARIF-formatter severity levels ([#​3824](ansible/ansible-lint#3824)) [@​4ch1m](https://github.com/4ch1m) - Add play level autofix for key-order rule ([#​3815](ansible/ansible-lint#3815)) [@​ajinkyau](https://github.com/ajinkyau) - Add support for python 3.12 ([#​3813](ansible/ansible-lint#3813)) [@​ssbarnea](https://github.com/ssbarnea) - Update SPDX license list ([#​3814](ansible/ansible-lint#3814)) [@​ssbarnea](https://github.com/ssbarnea) - Use checkout action in install docs ([#​3810](ansible/ansible-lint#3810)) [@​gma](https://github.com/gma) - Fix actions-tagger arguments ([#​3808](ansible/ansible-lint#3808)) [@​ssbarnea](https://github.com/ssbarnea) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNy4wIiwidXBkYXRlZEluVmVyIjoiMzcuMjcuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Reviewed-on: https://git.home/nrdufour/home-ops/pulls/161 Co-authored-by: Renovate <[email protected]> Co-committed-by: Renovate <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The SARIF formatter output contains information about "severity levels" in two different contexts (which should be handled differently).