From 8b65f63be4a8e9a3c64db29b902086f6ca253bbf Mon Sep 17 00:00:00 2001
From: Delnat Wito
Date: Wed, 13 Dec 2023 10:07:00 +0100
Subject: [PATCH] feat(validation): add srcroot configuration
---
 .changeset/clever-badgers-glow.md | 5 ++++
 packages/validation/src/MonokleValidator.ts | 3 +++
 packages/validation/src/common/sarif.ts | 14 ++++++++---
 packages/validation/src/types.ts | 11 ++++++++
 packages/validation/src/utils/uriBase.ts | 28 +++++++++++++++++++++
 5 files changed, 58 insertions(+), 3 deletions(-)
 create mode 100644 .changeset/clever-badgers-glow.md
 create mode 100644 packages/validation/src/utils/uriBase.ts
diff --git a/.changeset/clever-badgers-glow.md b/.changeset/clever-badgers-glow.md
new file mode 100644
index 000000000..be731252d
--- /dev/null
+++ b/.changeset/clever-badgers-glow.md
@@ -0,0 +1,5 @@
+---
+"@monokle/validation": minor
+---
+
+add srcroot configuration
diff --git a/packages/validation/src/MonokleValidator.ts b/packages/validation/src/MonokleValidator.ts
index d1323786e..2c4e5ed59 100644
--- a/packages/validation/src/MonokleValidator.ts
+++ b/packages/validation/src/MonokleValidator.ts
@@ -20,6 +20,7 @@ import {PluginLoader} from './pluginLoaders/PluginLoader.js';
 import {ValidationConfig} from '@monokle/types';
 import {PluginContext} from './pluginLoaders/types.js';
 import {sortResults} from './utils/sortResults.js';
+import { createOriginalUriBaseIds } from './utils/uriBase.js';
 export type ValidatorInit = {
 loader: PluginLoader;
@@ -215,6 +216,7 @@ export class MonokleValidator implements Validator {
 incremental,
 baseline,
 abortSignal: externalAbortSignal,
+ srcroot
 }: ValidateParams): Promise {
 if (this._loading === undefined) {
 this.load();
@@ -251,6 +253,7 @@ export class MonokleValidator implements Validator {
 const run: ValidationRun = {
 automationDetails: {guid: v4()},
+ originalUriBaseIds: createOriginalUriBaseIds({srcroot}),
 tool,
 results,
 taxonomies: [NSA_TAXONOMY, CIS_TAXONOMY],
diff --git a/packages/validation/src/common/sarif.ts b/packages/validation/src/common/sarif.ts
index 607b217b9..f19c42529 100644
--- a/packages/validation/src/common/sarif.ts
+++ b/packages/validation/src/common/sarif.ts
@@ -15,6 +15,7 @@ export type ValidationResponse = {
 export type ValidationRun = {
 tool: Tool;
+ originalUriBaseIds: OriginalUriBaseIds;
 invocations?: ValidationInvocation[];
 results: ValidationResult[];
 taxonomies?: Taxonomy[];
@@ -76,9 +77,7 @@ export type Fix = {
 };
 export type ArtifactChange = {
- artifactLocation: {
- uri: string;
- };
+ artifactLocation: ArtifactLocation;
 replacements: Replacement[];
 };
@@ -228,6 +227,9 @@ export type RuleConfig = {
 parameters?: PropertyBag & {configValue?: RuleConfigMetadataAllowedValues; dynamic?: boolean};
 };
+export type UriBaseIds = 'SRCROOT' | 'RESOURCE' | string;
+export type OriginalUriBaseIds = Record>;
+
 export type RuleLevel = 'warning' | 'error';
 export type ValidationInvocation = {
@@ -401,6 +403,12 @@ export type PhysicalLocation = {
 region?: Region;
 };
+export type ArtifactLocation = {
+ uri: string;
+ uriBaseId?: string;
+ description?: Message;
+}
+
 export type Region = {
 startLine: number;
 startColumn: number;
diff --git a/packages/validation/src/types.ts b/packages/validation/src/types.ts
index ff92bc19e..06f49f89d 100644
--- a/packages/validation/src/types.ts
+++ b/packages/validation/src/types.ts
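Review bot: In packages/validation/src/common/sarif.ts, the first hunk makes `originalUriBaseIds` a required member of `ValidationRun`, although SARIF treats the property as optional and responses produced before this commit (for example one handed back in as `baseline`) presumably do not carry it. Declaring it as `originalUriBaseIds?: OriginalUriBaseIds;` keeps the type truthful for such inputs and forces readers of the field to handle its absence. In the third hunk, `'SRCROOT' | 'RESOURCE' | string` collapses to plain `string`, so the two literals document intent but are not checked by the compiler; a one-line comment saying so would prevent a false sense of safety. The new `ArtifactLocation.uriBaseId` could also be typed `UriBaseIds` instead of `string` for consistency.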
@@ -37,6 +37,17 @@ export type ValidateParams = {
 */
 baseline?: ValidationResponse;
+ /**
+ * Adds the original URI base to the SARIF response which allows SARIF consumers
+ * to work with absolute file names.
+ *
+ * @remark Setting a srcroot reduces portability, determinism and privacy when sharing responses.
+ * Generally you should only set this when producing and consuming SARIF on your local machine.
+ * @remark The outcome of setting srcroot is that `run.originalUriBaseIds` to be present.
+ * @example `"file:///Users/john/code/example-repository"`
+ */
+ srcroot?: string;
+
 /**
 * A signal that can be used to abort processing.
 */
diff --git a/packages/validation/src/utils/uriBase.ts b/packages/validation/src/utils/uriBase.ts
new file mode 100644
index 000000000..61c0dc0ae
--- /dev/null
+++ b/packages/validation/src/utils/uriBase.ts
@@ -0,0 +1,28 @@
+import { OriginalUriBaseIds } from "../common/sarif.js";
+
+type CreateOriginalUriBaseIdsParams = {
+ srcroot?: string;
+}
+
+export function createOriginalUriBaseIds({
+ srcroot
+}: CreateOriginalUriBaseIdsParams) {
+ const result: OriginalUriBaseIds = {
+ "SRCROOT": {
+ description: {
+ text: "The path to the root of this project."
+ }
+ },
+ "RESOURCE": {
+ description: {
+ text:"A symbol which indicates the URI is a resource identifier."
+ }
+ }
+ }
+
+ if (srcroot) {
+ result["SRCROOT"].uri = srcroot;
+ }
+
+ return result;
+}
\ No newline at end of file
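Review bot: The second `@remark` in the new doc comment for `srcroot` (packages/validation/src/types.ts) does not match the code in this commit: `createOriginalUriBaseIds` always returns SRCROOT and RESOURCE entries, so `run.originalUriBaseIds` is present with or without srcroot and only `SRCROOT.uri` depends on it. I would replace that line with `@remarks When set, the value is written verbatim to run.originalUriBaseIds.SRCROOT.uri.`, which also makes explicit that the absolute local path, user name included as in the example, ends up in every response. TSDoc spells the tag `@remarks`, and the example URI should end in `/` so that relative result URIs resolve beneath it. The `ValidateParams` type begins and ends outside the hunk.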
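Review bot: In packages/validation/src/utils/uriBase.ts, `result["SRCROOT"].uri = srcroot;` copies the caller's string into the response without checking that it is an absolute URI or that it ends in `/`. Under RFC 3986 resolution a base without a trailing slash loses its last path segment, so the documented example `file:///Users/john/code/example-repository` combined with `src/a.yaml` (a constructed path) resolves to `file:///Users/john/code/src/a.yaml`; SARIF, as far as I recall, also asks for these base URIs to end with a slash. I would normalise on assignment, `result["SRCROOT"].uri = srcroot.endsWith("/") ? srcroot : srcroot + "/";`, and consider parsing with `new URL(srcroot)` first so that a relative or malformed value is rejected instead of being emitted. The exported function also has no declared return type; adding `: OriginalUriBaseIds` would have the body checked against it.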