WIP: Add Sarif output support to FSharpLint.Console

This is using the Microsoft Sarif.Sdk to write Sarif files.

Author: Numpsy

Directory.Packages.props

@@ -25,6 +25,7 @@
     <PackageVersion Include="Newtonsoft.Json" Version="13.0.3" />
     <PackageVersion Include="NUnit" Version="3.14.0" />
     <PackageVersion Include="NUnit3TestAdapter" Version="5.0.0" />
+    <PackageVersion Include="Sarif.Sdk" Version="4.5.4" />
     <PackageVersion Include="System.Reactive" Version="6.0.1" />
   </ItemGroup>
 </Project>

src/FSharpLint.Console/FSharpLint.Console.fsproj

@@ -17,6 +17,7 @@
 
   <ItemGroup>
     <Compile Include="Output.fs" />
+    <Compile Include="Sarif.fs" />
     <Compile Include="Program.fs" />
   </ItemGroup>
 

src/FSharpLint.Console/Program.fs

@@ -24,13 +24,17 @@ type private FileType =
 type private ToolArgs =
     | [<AltCommandLine("-f")>] Format of OutputFormat
     | [<CliPrefix(CliPrefix.None)>] Lint of ParseResults<LintArgs>
+    | [<Unique>] Report of string
+    | [<Unique>] Code_Root of string
     | Version 
 with
     interface IArgParserTemplate with
         member this.Usage =
             match this with
             | Format _ -> "Output format of the linter."
             | Lint _ -> "Runs FSharpLint against a file or a collection of files."
+            | Report _ -> "Write the result messages to a (sarif) report file."
+            | Code_Root _ -> "Root of the current code repository, used in the sarif report to construct the relative file path. The current working directory is used by default."
             | Version -> "Prints current version."
 
 // TODO: investigate erroneous warning on this type definition
@@ -94,13 +98,20 @@ let private start (arguments:ParseResults<ToolArgs>) (toolsPath:Ionide.ProjInfo.
         output.WriteError str
         exitCode <- -1
 
+    let reportPath = arguments.TryGetResult Report
+    let codeRoot = arguments.TryGetResult Code_Root
+
     match arguments.GetSubCommand() with
     | Lint lintArgs ->
 
         let handleLintResult = function
             | LintResult.Success(warnings) ->
                 String.Format(Resources.GetString("ConsoleFinished"), List.length warnings)
                 |> output.WriteInfo
+
+                reportPath 
+                |> Option.iter (fun report -> Sarif.writeReport warnings codeRoot report output)
+
                 if not (List.isEmpty warnings) then exitCode <- -1
             | LintResult.Failure(failure) ->
                 handleError failure.Description

src/FSharpLint.Console/Sarif.fs

@@ -0,0 +1,103 @@
+module internal Sarif
+
+open FSharpLint.Framework
+open System.IO
+open System
+open Microsoft.CodeAnalysis.Sarif
+open Microsoft.CodeAnalysis.Sarif.Writers
+open FSharpLint.Console.Output
+
+let writeReport (results: Suggestion.LintWarning list) (codeRoot: string option) (report: string) (logger: IOutput) =
+    try
+        let codeRoot =
+            match codeRoot with
+            | None -> Directory.GetCurrentDirectory() |> Uri
+            | Some root -> Path.GetFullPath root |> Uri
+
+        // Construct full path to ensure path separators are normalized.
+        let report = Path.GetFullPath report
+        // Ensure the parent directory exists
+        let reportFile = FileInfo(report)
+        reportFile.Directory.Create()
+
+        let driver = ToolComponent()
+        driver.Name <- "FSharpLint.Console"
+        driver.InformationUri <- Uri("https://fsprojects.github.io/FSharpLint/")
+        driver.Version <- string<Version> (System.Reflection.Assembly.GetExecutingAssembly().GetName().Version)
+        let tool = Tool()
+        tool.Driver <- driver
+        let run = Run()
+        run.Tool <- tool
+
+        use sarifLogger =
+            new SarifLogger(
+                report,
+                logFilePersistenceOptions =
+                    (FilePersistenceOptions.PrettyPrint ||| FilePersistenceOptions.ForceOverwrite),
+                run = run,
+                levels = BaseLogger.ErrorWarningNote,
+                kinds = BaseLogger.Fail,
+                closeWriterOnDispose = true
+            )
+
+        sarifLogger.AnalysisStarted()
+
+        for analyzerResult in results do
+            let reportDescriptor = ReportingDescriptor()
+            reportDescriptor.Id <- analyzerResult.RuleIdentifier
+            reportDescriptor.Name <- analyzerResult.RuleName
+
+            (*
+            analyzerResult.ShortDescription
+            |> Option.iter (fun shortDescription ->
+                reportDescriptor.ShortDescription <-
+                    MultiformatMessageString(shortDescription, shortDescription, dict [])
+            )
+            *)
+
+            let helpUri = $"https://fsprojects.github.io/FSharpLint/how-tos/rules/%s{analyzerResult.RuleIdentifier}.html"
+            reportDescriptor.HelpUri <- Uri(helpUri)
+
+            let result = Result()
+            result.RuleId <- reportDescriptor.Id
+            
+            (*
+            result.Level <-
+                match analyzerResult.Message.Severity with
+                | Severity.Info -> FailureLevel.Note
+                | Severity.Hint -> FailureLevel.Note
+                | Severity.Warning -> FailureLevel.Warning
+                | Severity.Error -> FailureLevel.Error
+            *)
+            result.Level <- FailureLevel.Warning
+
+            let msg = Message()
+            msg.Text <- analyzerResult.Details.Message
+            result.Message <- msg
+
+            let physicalLocation = PhysicalLocation()
+
+            physicalLocation.ArtifactLocation <-
+                let al = ArtifactLocation()
+                al.Uri <- codeRoot.MakeRelativeUri(Uri(analyzerResult.Details.Range.FileName))
+                al
+
+            physicalLocation.Region <-
+                let r = Region()
+                r.StartLine <- analyzerResult.Details.Range.StartLine
+                r.StartColumn <- analyzerResult.Details.Range.StartColumn + 1
+                r.EndLine <- analyzerResult.Details.Range.EndLine
+                r.EndColumn <- analyzerResult.Details.Range.EndColumn + 1
+                r
+
+            let location: Location = Location()
+            location.PhysicalLocation <- physicalLocation
+            result.Locations <- [| location |]
+
+            sarifLogger.Log(reportDescriptor, result, System.Nullable())
+
+        sarifLogger.AnalysisStopped(RuntimeConditions.None)
+
+        sarifLogger.Dispose()
+    with ex ->
+        logger.WriteError($"Could not write sarif to %s{report}: %s{ex.Message}")

src/FSharpLint.Core/FSharpLint.Core.fsproj

@@ -150,6 +150,7 @@
     <PackageReference Include="Microsoft.Build.Utilities.Core" ExcludeAssets="runtime" />
     <PackageReference Include="Microsoft.SourceLink.GitHub" PrivateAssets="all" />
     <PackageReference Include="Newtonsoft.Json" />
+    <PackageReference Include="Sarif.Sdk" />
   </ItemGroup>
 
 </Project>