@microsoft/jest-sarif
Custom matchers for SARIF logs for Jest
Overview
The Static Analysis Result Interchange Format (SARIF) is comprehensive spec that provides a standardized schema for tools running static analysis. For tools producing SARIF output, it's useful to be able to test that output to validate it conforms to the SARIF JSON schema.
This library helps achieve that through custom matchers for the Jest testing library. It uses the SARIF JSON Schema to validate the log structure against the actual schema, which helps ensure flexibility when matching whole or partial portions of that schema.
Installation
npm install @microsoft/jest-sarif --save-dev
# or
yarn add @microsoft/jest-sarif -D
Usage
You can import and use the matchers in one of two ways:
-
(Recommended) Including in a jest setup file as a one-time setup
// ./jest-setup.js import '@microsoft/jest-sarif'; // or require('@microsoft/jest-sarif');
If you're using TypeScript, you'll want to make your setup file a
.ts
file, and useimport '@microsoft/jest-sarif';
to ensure the type extensions are included. -
Including one of the following at the top of your test file
// my-test-file.js import '@microsoft/jest-sarif'; // or require('@microsoft/jest-sarif');
Matchers
toBeValidSarifLog
Asserts that a value is a valid SARIF log.
it('should be a valid SARIF log', () => {
const sarifLog = buildSarifLog();
expect(sarifLog).toBeValidSarifLog();
});
toBeValidSarifFor(definition)
Asserts that a value is a valid SARIF definition type.
SARIF logs are complex, and can be made up of many sub-types. Most of these subtypes are defined in reusable definitions within the schema itself. You can use this matcher to match on specific sub-types within the schema. This is useful when you want to match valid portions of a log, but not the whole log.
it('should be a valid SARIF result', () => {
const sarifResult = buildSarifResult();
expect(sarifResult).toBeValidSarifFor('result');
});
Attribution
This package was based on the jest-json-schema package.
Contributing
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.
When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
Trademarks
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.