Add new GitHub code scanning Alert fields (google#2013)

github/code-scanning.go

@@ -18,9 +18,44 @@ import (
 // GitHub API docs: https://docs.github.com/en/free-pro-team@latest/rest/reference/code-scanning/
 type CodeScanningService service
 
+// Rule represents the complete details of GitHub Code Scanning alert type.
+type Rule struct {
+	ID              *string  `json:"id,omitempty"`
+	Severity        *string  `json:"severity,omitempty"`
+	Description     *string  `json:"description,omitempty"`
+	Name            *string  `json:"name,omitempty"`
+	FullDescription *string  `json:"full_description,omitempty"`
+	Tags            []string `json:"tags,omitempty"`
+	Help            *string  `json:"help,omitempty"`
+}
+
+// Location represents the exact location of the GitHub Code Scanning Alert in the scanned project.
+type Location struct {
+	Path        *string `json:"path,omitempty"`
+	StartLine   *int    `json:"start_line,omitempty"`
+	EndLine     *int    `json:"end_line,omitempty"`
+	StartColumn *int    `json:"start_column,omitempty"`
+	EndColumn   *int    `json:"end_column,omitempty"`
+}
+
+// Message is a part of MostRecentInstance struct which provides the appropriate message when any action is performed on the analysis object.
+type Message struct {
+	Text *string `json:"text,omitempty"`
+}
+
+// MostRecentInstance provides details of the most recent instance of this alert for the default branch or for the specified Git reference.
+type MostRecentInstance struct {
+	Ref             *string   `json:"ref,omitempty"`
+	AnalysisKey     *string   `json:"analysis_key,omitempty"`
+	Environment     *string   `json:"environment,omitempty"`
+	State           *string   `json:"state,omitempty"`
+	CommitSHA       *string   `json:"commit_sha,omitempty"`
+	Message         *Message  `json:"message,omitempty"`
+	Location        *Location `json:"location,omitempty"`
+	Classifications []string  `json:"classifications,omitempty"`
+}
+
 // Tool represents the tool used to generate a GitHub Code Scanning Alert.
-//
-// GitHub API docs: https://docs.github.com/en/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository
 type Tool struct {
 	Name    *string `json:"name,omitempty"`
 	GUID    *string `json:"guid,omitempty"`
@@ -31,16 +66,22 @@ type Tool struct {
 //
 // GitHub API docs: https://docs.github.com/en/rest/reference/code-scanning#list-code-scanning-alerts-for-a-repository
 type Alert struct {
-	RuleID          *string    `json:"rule_id,omitempty"`
-	RuleSeverity    *string    `json:"rule_severity,omitempty"`
-	RuleDescription *string    `json:"rule_description,omitempty"`
-	Tool            *Tool      `json:"tool,omitempty"`
-	CreatedAt       *Timestamp `json:"created_at,omitempty"`
-	Open            *bool      `json:"open,omitempty"`
-	ClosedBy        *User      `json:"closed_by,omitempty"`
-	ClosedAt        *Timestamp `json:"closed_at,omitempty"`
-	URL             *string    `json:"url,omitempty"`
-	HTMLURL         *string    `json:"html_url,omitempty"`
+	RuleID             *string             `json:"rule_id,omitempty"`
+	RuleSeverity       *string             `json:"rule_severity,omitempty"`
+	RuleDescription    *string             `json:"rule_description,omitempty"`
+	Rule               *Rule               `json:"rule,omitempty"`
+	Tool               *Tool               `json:"tool,omitempty"`
+	CreatedAt          *Timestamp          `json:"created_at,omitempty"`
+	Open               *bool               `json:"open,omitempty"`
+	ClosedBy           *User               `json:"closed_by,omitempty"`
+	ClosedAt           *Timestamp          `json:"closed_at,omitempty"`
+	URL                *string             `json:"url,omitempty"`
+	HTMLURL            *string             `json:"html_url,omitempty"`
+	MostRecentInstance *MostRecentInstance `json:"most_recent_instance,omitempty"`
+	DismissedBy        *User               `json:"dismissed_by,omitempty"`
+	DismissedAt        *Timestamp          `json:"dismissed_at,omitempty"`
+	DismissedReason    *string             `json:"dismissed_reason,omitempty"`
+	InstancesURL       *string             `json:"instances_url,omitempty"`
 }
 
 // ID returns the ID associated with an alert. It is the number at the end of the security alert's URL.

github/code-scanning_test.go

@@ -69,6 +69,32 @@ func TestActionsService_ListAlertsForRepo(t *testing.T) {
 					"guid": null,
 					"version": "1.4.0"
 				},
+				"rule": {
+					"id": "js/trivial-conditional",
+					"severity": "warning",
+					"description": "Useless conditional",
+					"name": "js/trivial-conditional",
+					"full_description": "Expression has no effect",
+					"help": "Expression has no effect"
+				},
+				"most_recent_instance": {
+					"ref": "refs/heads/main",
+					"state": "open",
+					"commit_sha": "abcdefg12345",
+					"message": {
+						"text": "This path depends on a user-provided value."
+					},
+					"location": {
+						"path": "spec-main/api-session-spec.ts",
+						"start_line": 917,
+						"end_line": 917,
+						"start_column": 7,
+						"end_column": 18
+					},
+					"classifications": [
+						"test"
+					]
+				},
 				"created_at":"2020-05-06T12:00:00Z",
 				"open":true,
 				"closed_by":null,
@@ -85,6 +111,32 @@ func TestActionsService_ListAlertsForRepo(t *testing.T) {
 					"guid": null,
 					"version": "1.4.0"
 				},
+				"rule": {
+					"id": "js/useless-expression",
+					"severity": "warning",
+					"description": "Expression has no effect",
+					"name": "js/useless-expression",
+					"full_description": "Expression has no effect",
+					"help": "Expression has no effect"
+				},
+				"most_recent_instance": {
+					"ref": "refs/heads/main",
+					"state": "open",
+					"commit_sha": "abcdefg12345",
+					"message": {
+						"text": "This path depends on a user-provided value."
+					},
+					"location": {
+						"path": "spec-main/api-session-spec.ts",
+						"start_line": 917,
+						"end_line": 917,
+						"start_column": 7,
+						"end_column": 18
+					},
+					"classifications": [
+						"test"
+					]
+				},
 				"created_at":"2020-05-06T12:00:00Z",
 				"open":true,
 				"closed_by":null,
@@ -108,24 +160,72 @@ func TestActionsService_ListAlertsForRepo(t *testing.T) {
 			RuleSeverity:    String("warning"),
 			RuleDescription: String("Useless conditional"),
 			Tool:            &Tool{Name: String("CodeQL"), GUID: nil, Version: String("1.4.0")},
-			CreatedAt:       &date,
-			Open:            Bool(true),
-			ClosedBy:        nil,
-			ClosedAt:        nil,
-			URL:             String("https://api.github.com/repos/o/r/code-scanning/alerts/25"),
-			HTMLURL:         String("https://github.com/o/r/security/code-scanning/25"),
+			Rule: &Rule{
+				ID:              String("js/trivial-conditional"),
+				Severity:        String("warning"),
+				Description:     String("Useless conditional"),
+				Name:            String("js/trivial-conditional"),
+				FullDescription: String("Expression has no effect"),
+				Help:            String("Expression has no effect"),
+			},
+			CreatedAt: &date,
+			Open:      Bool(true),
+			ClosedBy:  nil,
+			ClosedAt:  nil,
+			URL:       String("https://api.github.com/repos/o/r/code-scanning/alerts/25"),
+			HTMLURL:   String("https://github.com/o/r/security/code-scanning/25"),
+			MostRecentInstance: &MostRecentInstance{
+				Ref:       String("refs/heads/main"),
+				State:     String("open"),
+				CommitSHA: String("abcdefg12345"),
+				Message: &Message{
+					Text: String("This path depends on a user-provided value."),
+				},
+				Location: &Location{
+					Path:        String("spec-main/api-session-spec.ts"),
+					StartLine:   Int(917),
+					EndLine:     Int(917),
+					StartColumn: Int(7),
+					EndColumn:   Int(18),
+				},
+				Classifications: []string{"test"},
+			},
 		},
 		{
 			RuleID:          String("js/useless-expression"),
 			RuleSeverity:    String("warning"),
 			RuleDescription: String("Expression has no effect"),
 			Tool:            &Tool{Name: String("CodeQL"), GUID: nil, Version: String("1.4.0")},
-			CreatedAt:       &date,
-			Open:            Bool(true),
-			ClosedBy:        nil,
-			ClosedAt:        nil,
-			URL:             String("https://api.github.com/repos/o/r/code-scanning/alerts/88"),
-			HTMLURL:         String("https://github.com/o/r/security/code-scanning/88"),
+			Rule: &Rule{
+				ID:              String("js/useless-expression"),
+				Severity:        String("warning"),
+				Description:     String("Expression has no effect"),
+				Name:            String("js/useless-expression"),
+				FullDescription: String("Expression has no effect"),
+				Help:            String("Expression has no effect"),
+			},
+			CreatedAt: &date,
+			Open:      Bool(true),
+			ClosedBy:  nil,
+			ClosedAt:  nil,
+			URL:       String("https://api.github.com/repos/o/r/code-scanning/alerts/88"),
+			HTMLURL:   String("https://github.com/o/r/security/code-scanning/88"),
+			MostRecentInstance: &MostRecentInstance{
+				Ref:       String("refs/heads/main"),
+				State:     String("open"),
+				CommitSHA: String("abcdefg12345"),
+				Message: &Message{
+					Text: String("This path depends on a user-provided value."),
+				},
+				Location: &Location{
+					Path:        String("spec-main/api-session-spec.ts"),
+					StartLine:   Int(917),
+					EndLine:     Int(917),
+					StartColumn: Int(7),
+					EndColumn:   Int(18),
+				},
+				Classifications: []string{"test"},
+			},
 		},
 	}
 	if !cmp.Equal(alerts, want) {
@@ -161,6 +261,32 @@ func TestActionsService_GetAlert(t *testing.T) {
 					"guid": null,
 					"version": "1.4.0"
 				},
+				"rule": {
+					"id": "useless expression",
+					"severity": "warning",
+					"description": "Expression has no effect",
+					"name": "useless expression",
+					"full_description": "Expression has no effect",
+					"help": "Expression has no effect"
+				},
+				"most_recent_instance": {
+					"ref": "refs/heads/main",
+					"state": "open",
+					"commit_sha": "abcdefg12345",
+					"message": {
+						"text": "This path depends on a user-provided value."
+					},
+					"location": {
+						"path": "spec-main/api-session-spec.ts",
+						"start_line": 917,
+						"end_line": 917,
+						"start_column": 7,
+						"end_column": 18
+					},
+					"classifications": [
+						"test"
+					]
+				},      
 				"created_at":"2019-01-02T15:04:05Z",
 				"open":true,
 				"closed_by":null,
@@ -181,12 +307,36 @@ func TestActionsService_GetAlert(t *testing.T) {
 		RuleSeverity:    String("warning"),
 		RuleDescription: String("Expression has no effect"),
 		Tool:            &Tool{Name: String("CodeQL"), GUID: nil, Version: String("1.4.0")},
-		CreatedAt:       &date,
-		Open:            Bool(true),
-		ClosedBy:        nil,
-		ClosedAt:        nil,
-		URL:             String("https://api.github.com/repos/o/r/code-scanning/alerts/88"),
-		HTMLURL:         String("https://github.com/o/r/security/code-scanning/88"),
+		Rule: &Rule{
+			ID:              String("useless expression"),
+			Severity:        String("warning"),
+			Description:     String("Expression has no effect"),
+			Name:            String("useless expression"),
+			FullDescription: String("Expression has no effect"),
+			Help:            String("Expression has no effect"),
+		},
+		CreatedAt: &date,
+		Open:      Bool(true),
+		ClosedBy:  nil,
+		ClosedAt:  nil,
+		URL:       String("https://api.github.com/repos/o/r/code-scanning/alerts/88"),
+		HTMLURL:   String("https://github.com/o/r/security/code-scanning/88"),
+		MostRecentInstance: &MostRecentInstance{
+			Ref:       String("refs/heads/main"),
+			State:     String("open"),
+			CommitSHA: String("abcdefg12345"),
+			Message: &Message{
+				Text: String("This path depends on a user-provided value."),
+			},
+			Location: &Location{
+				Path:        String("spec-main/api-session-spec.ts"),
+				StartLine:   Int(917),
+				EndLine:     Int(917),
+				StartColumn: Int(7),
+				EndColumn:   Int(18),
+			},
+			Classifications: []string{"test"},
+		},
 	}
 	if !cmp.Equal(alert, want) {
 		t.Errorf("CodeScanning.GetAlert returned %+v, want %+v", alert, want)