Merge pull request #101 from returntocorp/sayyant/path-to-transitivit…

…y-found-dep

Semgrep Interface Changes for Path to Transitivity (CLI)

semgrep_output_v1.atd

@@ -804,6 +804,11 @@ type dependency_pattern <ocaml attr="deriving show"> = {
   semver_range: string;
 }
 
+type dependency_child <ocaml attr="deriving show"> = {
+  package: string;
+  version: string;
+}
+
 type found_dependency <ocaml attr="deriving show"> = {
   package: string;
   version: string;
@@ -815,6 +820,8 @@ type found_dependency <ocaml attr="deriving show"> = {
   ?resolved_url: string option;
   transitivity: transitivity;
   ?line_number: int option;
+  (* store child dependency information for calculating path to transitivity*)
+  ?children: dependency_child list option;
 }
 
 (*****************************************************************************)

semgrep_output_v1.jsonschema

@@ -700,6 +700,14 @@
         "semver_range": { "type": "string" }
       }
     },
+    "dependency_child": {
+      "type": "object",
+      "required": [ "package", "version" ],
+      "properties": {
+        "package": { "type": "string" },
+        "version": { "type": "string" }
+      }
+    },
     "found_dependency": {
       "type": "object",
       "required": [
@@ -718,7 +726,11 @@
         },
         "resolved_url": { "type": "string" },
         "transitivity": { "$ref": "#/definitions/transitivity" },
-        "line_number": { "type": "integer" }
+        "line_number": { "type": "integer" },
+        "children": {
+          "type": "array",
+          "items": { "$ref": "#/definitions/dependency_child" }
+        }
       }
     },
     "ci_scan_results": {

semgrep_output_v1.py

@@ -1866,6 +1866,37 @@ def to_json_string(self, **kw: Any) -> str:
         return json.dumps(self.to_json(), **kw)
 
 
+@dataclass
+class DependencyChild:
+    """Original type: dependency_child = { ... }"""
+
+    package: str
+    version: str
+
+    @classmethod
+    def from_json(cls, x: Any) -> 'DependencyChild':
+        if isinstance(x, dict):
+            return cls(
+                package=_atd_read_string(x['package']) if 'package' in x else _atd_missing_json_field('DependencyChild', 'package'),
+                version=_atd_read_string(x['version']) if 'version' in x else _atd_missing_json_field('DependencyChild', 'version'),
+            )
+        else:
+            _atd_bad_json('DependencyChild', x)
+
+    def to_json(self) -> Any:
+        res: Dict[str, Any] = {}
+        res['package'] = _atd_write_string(self.package)
+        res['version'] = _atd_write_string(self.version)
+        return res
+
+    @classmethod
+    def from_json_string(cls, x: str) -> 'DependencyChild':
+        return cls.from_json(json.loads(x))
+
+    def to_json_string(self, **kw: Any) -> str:
+        return json.dumps(self.to_json(), **kw)
+
+
 @dataclass
 class FoundDependency:
     """Original type: found_dependency = { ... }"""
@@ -1877,6 +1908,7 @@ class FoundDependency:
     transitivity: Transitivity
     resolved_url: Optional[str] = None
     line_number: Optional[int] = None
+    children: Optional[List[DependencyChild]] = None
 
     @classmethod
     def from_json(cls, x: Any) -> 'FoundDependency':
@@ -1889,6 +1921,7 @@ def from_json(cls, x: Any) -> 'FoundDependency':
                 transitivity=Transitivity.from_json(x['transitivity']) if 'transitivity' in x else _atd_missing_json_field('FoundDependency', 'transitivity'),
                 resolved_url=_atd_read_string(x['resolved_url']) if 'resolved_url' in x else None,
                 line_number=_atd_read_int(x['line_number']) if 'line_number' in x else None,
+                children=_atd_read_list(DependencyChild.from_json)(x['children']) if 'children' in x else None,
             )
         else:
             _atd_bad_json('FoundDependency', x)
@@ -1904,6 +1937,8 @@ def to_json(self) -> Any:
             res['resolved_url'] = _atd_write_string(self.resolved_url)
         if self.line_number is not None:
             res['line_number'] = _atd_write_int(self.line_number)
+        if self.children is not None:
+            res['children'] = _atd_write_list((lambda x: x.to_json()))(self.children)
         return res
 
     @classmethod

semgrep_output_v1.ts

@@ -385,6 +385,11 @@ export type DependencyPattern = {
   semver_range: string;
 }
 
+export type DependencyChild = {
+  package_: string;
+  version: string;
+}
+
 export type FoundDependency = {
   package_: string;
   version: string;
@@ -393,6 +398,7 @@ export type FoundDependency = {
   resolved_url?: string;
   transitivity: Transitivity;
   line_number?: number /*int*/;
+  children?: DependencyChild[];
 }
 
 export type CiScanResults = {
@@ -1590,6 +1596,20 @@ export function readDependencyPattern(x: any, context: any = x): DependencyPatte
   };
 }
 
+export function writeDependencyChild(x: DependencyChild, context: any = x): any {
+  return {
+    'package': _atd_write_required_field('DependencyChild', 'package', _atd_write_string, x.package_, x),
+    'version': _atd_write_required_field('DependencyChild', 'version', _atd_write_string, x.version, x),
+  };
+}
+
+export function readDependencyChild(x: any, context: any = x): DependencyChild {
+  return {
+    package_: _atd_read_required_field('DependencyChild', 'package', _atd_read_string, x['package'], x),
+    version: _atd_read_required_field('DependencyChild', 'version', _atd_read_string, x['version'], x),
+  };
+}
+
 export function writeFoundDependency(x: FoundDependency, context: any = x): any {
   return {
     'package': _atd_write_required_field('FoundDependency', 'package', _atd_write_string, x.package_, x),
@@ -1599,6 +1619,7 @@ export function writeFoundDependency(x: FoundDependency, context: any = x): any
     'resolved_url': _atd_write_optional_field(_atd_write_string, x.resolved_url, x),
     'transitivity': _atd_write_required_field('FoundDependency', 'transitivity', writeTransitivity, x.transitivity, x),
     'line_number': _atd_write_optional_field(_atd_write_int, x.line_number, x),
+    'children': _atd_write_optional_field(_atd_write_array(writeDependencyChild), x.children, x),
   };
 }
 
@@ -1611,6 +1632,7 @@ export function readFoundDependency(x: any, context: any = x): FoundDependency {
     resolved_url: _atd_read_optional_field(_atd_read_string, x['resolved_url'], x),
     transitivity: _atd_read_required_field('FoundDependency', 'transitivity', readTransitivity, x['transitivity'], x),
     line_number: _atd_read_optional_field(_atd_read_int, x['line_number'], x),
+    children: _atd_read_optional_field(_atd_read_array(readDependencyChild), x['children'], x),
   };
 }