refactor: update semgrep report format for SonarQube compatibility

Serreau Jovann
2026-04-01 17:52:41 +02:00
parent 197916c4e0
commit 75bd0a795c


@@ -189,8 +189,8 @@ semgrep_report:
returntocorp/semgrep \
semgrep scan --config=auto --json -o var/reports/semgrep-raw.json src/ || true
# 2. Conversion JQ simplifiée (on ne garde QUE la ligne, pas la colonne)
cat var/reports/semgrep-raw.json | jq '{issues: [.results[] | {engineId: "semgrep", ruleId: .check_id, severity: (if .extra.severity == "ERROR" then "CRITICAL" else "MAJOR" end), type: "VULNERABILITY", primaryLocation: {message: .extra.message, filePath: .path, textRange: {startLine: .start.line}}}]}' > var/reports/semgrep-report.json
# 2. Conversion JQ pour le format SonarQube Generic Issue (avec la section rules pour éviter le warning de dépréciation)
cat var/reports/semgrep-raw.json | jq '{rules: [.results[] | {id: .check_id, name: .check_id, engineId: "semgrep", description: .check_id}] | unique_by(.id), issues: [.results[] | {engineId: "semgrep", ruleId: .check_id, severity: (if .extra.severity == "ERROR" then "CRITICAL" else "MAJOR" end), type: "VULNERABILITY", primaryLocation: {message: .extra.message, filePath: .path, textRange: {startLine: .start.line}}}]}' > var/reports/semgrep-report.json
test_coverage: ## Lance les tests PHP avec couverture (clover + HTML + JUnit)
docker compose -f docker-compose-dev.yml exec php sh -c 'mkdir -p var/reports && php bin/phpunit --testdox --log-junit var/reports/phpunit.xml --coverage-clover var/reports/coverage.xml --coverage-html var/reports/coverage-html --coverage-text'
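Review bot: The added `rules` array carries no severity or type, so the CRITICAL/MAJOR mapping that the jq filter still computes per issue may no longer reach SonarQube; as far as I know, once a `rules` section is present the Generic Issue Import takes severity and type from the rule and treats the issue-level fields as deprecated. If that holds for the SonarQube version in use, Semgrep ERROR findings would be imported at a default severity, which can weaken a quality gate keyed on it. Consider moving the mapping into the rule object, e.g. `{id: .check_id, name: .check_id, engineId: "semgrep", description: .extra.message, type: "VULNERABILITY", severity: (if .extra.severity == "ERROR" then "CRITICAL" else "MAJOR" end)}`, and check the field names against the import documentation for your server version. Separately, the unchanged `|| true` after `semgrep scan` means a failed scan leaves jq to read a missing or stale `semgrep-raw.json`, so it is worth failing the target when that file was not freshly written. The `semgrep_report` recipe begins above the hunk.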