fix: sanitize level property for SARIF (#4831)

Co-authored-by: Fernandez Ludovic <ldez@users.noreply.github.com>
2024-06-20 06:25:53 +08:00 · 2024-06-20 06:25:53 +08:00 · 304e22a024
commit 304e22a024
parent 9211eeccf7
2 changed files with 7 additions and 2 deletions
--- a/pkg/printers/sarif.go
+++ b/pkg/printers/sarif.go
@ -76,7 +76,12 @@ func (p Sarif) Print(issues []result.Issue) error {
 		issue := issues[i]

 		severity := issue.Severity
-		if severity == "" {
+
+		switch severity {
+		// https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/os/sarif-v2.1.0-errata01-os-complete.html#_Toc141790898
+		case "none", "note", "warning", "error":
+			// Valid levels.
+		default:
 			severity = "error"
 		}

--- a/pkg/printers/sarif_test.go
+++ b/pkg/printers/sarif_test.go
@ -42,7 +42,7 @@ func TestSarif_Print(t *testing.T) {
 		},
 		{
 			FromLinter: "linter-a",
-			Severity:   "error",
+			Severity:   "low",
 			Text:       "some issue 2",
 			Pos: token.Position{
 				Filename: "path/to/filec.go",