@microsoft/jest-sarif
TypeScript icon, indicating that this package has built-in type declarations

1.0.0-beta.0 • Public • Published

@microsoft/jest-sarif

License: MIT workflows TypeScript code style: prettier

Custom matchers for SARIF logs for Jest

Overview

The Static Analysis Result Interchange Format (SARIF) is comprehensive spec that provides a standardized schema for tools running static analysis. For tools producing SARIF output, it's useful to be able to test that output to validate it conforms to the SARIF JSON schema.

This library helps achieve that through custom matchers for the Jest testing library. It uses the SARIF JSON Schema to validate the log structure against the actual schema, which helps ensure flexibility when matching whole or partial portions of that schema.

Installation

npm install @microsoft/jest-sarif --save-dev

# or

yarn add @microsoft/jest-sarif -D

Usage

You can import and use the matchers in one of two ways:

  1. (Recommended) Including in a jest setup file as a one-time setup

    // ./jest-setup.js
    
    import '@microsoft/jest-sarif';
    
    // or
    
    require('@microsoft/jest-sarif');

    If you're using TypeScript, you'll want to make your setup file a .ts file, and use import '@microsoft/jest-sarif'; to ensure the type extensions are included.

  2. Including one of the following at the top of your test file

    // my-test-file.js
    
    import '@microsoft/jest-sarif';
    
    // or
    
    require('@microsoft/jest-sarif');

Matchers

toBeValidSarifLog

Asserts that a value is a valid SARIF log.

it('should be a valid SARIF log', () => {
  const sarifLog = buildSarifLog();

  expect(sarifLog).toBeValidSarifLog();
});

toBeValidSarifFor(definition)

Asserts that a value is a valid SARIF definition type.

SARIF logs are complex, and can be made up of many sub-types. Most of these subtypes are defined in reusable definitions within the schema itself. You can use this matcher to match on specific sub-types within the schema. This is useful when you want to match valid portions of a log, but not the whole log.

it('should be a valid SARIF result', () => {
  const sarifResult = buildSarifResult();

  expect(sarifResult).toBeValidSarifFor('result');
});

Attribution

This package was based on the jest-json-schema package.

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Trademarks

This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.

Package Sidebar

Install

npm i @microsoft/jest-sarif

Weekly Downloads

224

Version

1.0.0-beta.0

License

MIT

Unpacked Size

160 kB

Total Files

31

Last publish

Collaborators

  • microsoft1es
  • rwjblue
  • scalvert