Commit graph

493 commits

Author SHA1 Message Date
Gabe Stocco 7b161f5d9e
Add basic sarif implementation for the analyze command. (#405)
* Add basic sarif implementation for the analyze command.

* Improvements to sarifwriter

* Reduce Redundancy in analyze command.

Fix behavior when no tags are present on a match (don't add if limiting based on number of matches per tag).

* Populate required message parameter.

* Add options to include repository information when outputting sarif.

* Don't collect context when outputting sarif.

* Improve option handling when format is sarif.

* Update Program.cs

* Fix check for number of tag matches.

* Support Metrics in any portion of tag

Fix #406.
2021-12-20 15:20:16 -08:00
Gabe Stocco 9bbfdb3f79
Fix incorrect internal visibility on new property. (#404)
* Fix wrong visibility on new property.

* Comments

* Don't double run CodeQL on PRs.
2021-12-10 09:27:22 -08:00
Gabe Stocco 860d9009b4
Fix #402 (#403)
* Fix #402

Adds an argument to limit the number of matches a given tag will produce.
2021-12-09 17:47:20 -08:00
Gabe Stocco a4993261d3
Bubble up the option to get all tag results from build files to the CLI. (#401) 2021-12-01 21:02:31 -08:00
Gabe Stocco 02766b1cc9
Update TextContainer.cs (#399) 2021-11-04 12:27:04 -07:00
Gabe Stocco 302a5d34e9
Fix #396 (#397)
If the first character of a file was '\n' we were incorrectly skipping adding the linestart for that line.
2021-11-03 13:09:32 -07:00
hiteshbedre 0e2ea0c2eb
Comments : Ruby : Skip code under multi-line commented portion (#394) 2021-09-13 12:10:17 -07:00
Michael Hendrickx 78cc806642
Fixed small markdown error in readme (#393)
The ``` -sequence in markdown marked that block as code, and it didn't render the link to build.md correctly.
2021-08-28 20:04:56 -07:00
Suraj Jacob 4e0f6d7958
Minor json fixes for rules (#385)
* Minor json fixes for rules

* one more

* one more

* correct pattern

* Update outbound_network.json

Co-authored-by: Gabe Stocco <98900+gfs@users.noreply.github.com>
2021-07-28 16:58:56 -07:00
Gabe Stocco 4faa00320a
Fix #390 (#391)
* Fix #390

Adds ability to pack embedded rules either alone or alongside custom rules.

* Fix broken rule verifier (custom rules) (#389)

* Fix broken rule verifier (custom rules)

* Fix test.

Co-authored-by: Gabe Stocco <98900+gfs@users.noreply.github.com>

* Fix #390

Adds ability to pack embedded rules either alone or alongside custom rules.

* Fix tests

Co-authored-by: Michael Scovetta <michael.scovetta@microsoft.com>
2021-07-28 16:01:21 -07:00
Michael Scovetta 2c5439e906
Fix broken rule verifier (custom rules) (#389)
* Fix broken rule verifier (custom rules)

* Fix test.

Co-authored-by: Gabe Stocco <98900+gfs@users.noreply.github.com>
2021-07-28 14:53:41 -07:00
David Alcantar 8b5707325d
Fix .Commands Package References to .Common (#387) 2021-07-02 13:26:21 -07:00
Gabe Stocco 01a71cc457
Fixes listing tags on report. (#383) 2021-06-17 14:21:18 -07:00
Gabe Stocco a76fb44fcf
Clean up existing rules (#381) 2021-06-10 12:59:44 -07:00
Gabe Stocco b076fc79c0
Rename argument to reduce confusion if attempting to use regular strings with the old -k (#380)
* Rename argument to reduce confusion if attempting to use regular strings with the old -k

* Update tests

* Bump to 1.4

* Fix TagDiff -k option

* Update Docs

* Bring better options parity between Analyze and TagDiff commands

* Update README.md

* Remove No File Metadata option from tagdiff

It never returned file metadata.

* Update CLICmdOptions.cs
2021-06-01 11:43:32 -07:00
Gabe Stocco 4ce91639d6
Fix Producing Both JSON and HTML reports (#379)
* Don't produce both JSON and HTML

* Bump Dependencies

* Fix example in options

* Refactor Logging into Common Library

* Fix GetTags Behavior

* Add option to skip collecting file metadata

* Reduce amount gathering by excerpt to avoid gathering huge amounts of data

* Explain new context-lines behavior in Options description

* Add test for multifile tags behavior

* Unify how rules are gotten between regular and async

* Improve cache behavior
2021-05-27 09:13:17 -07:00
Gabe Stocco d9f849d0b2 Fix TagDiff 2021-05-25 14:59:06 -07:00
Gabe Stocco 11310fd01d
Fix -k option (#376)
* Fix -k option

* Don't publish from development

* Use recursive extractor's built-in deny filters
2021-05-25 13:13:57 -07:00
Gabe Stocco 043a0df2ba
Release 1.3 (#375)
* First Commit 1.3 Beta (#344)

* Add an AsyncEnumerable version of getting results.

* Fix

* Add rewritten parallel implementation

* Use the new methods

* Fix metadata in HTML report

* Adds a progress bar

* Use the data from the metadata object for the progress bar

* Fixes

* Fix not incrementing number of total files.

* clean up

* Fix end of line finding for comment checking.

* Simplify pack rules

* Refactor FileChecksPassed

* Don't serialize unneeded values.

* Fix test case

* Adds the GetTags command

* Remove tests that test removed functionality

* Build Fixes

* Nullability fixes

* Fix tests

* Fix GetTags and tests

* Fix MetaData.cs

* Fix test

* Fix #342

Adds per file timeout

* Adds timeout to gettags

* typo

* Improve progress bar

* Add Metadata for files scanned and time taken to scan

* Add ScanState field for analyze metadata

* Fix

* Add file timings to get tags command.

* Rewrite Metadata and Metadata helper to simplify collection.

* Misc Cleanup

* Fixes

* Update GetTagsCommand.cs

* Spruce up progress bars.

* Nicer progress information

* Add ETA to progress

* More progress bar improvements.

* use built in eta

* Simplify PopulateRecords

* Disable parallel extraction

* Update version.json

* Catch overflow exceptions

* Use GetTags instead of Analyze command for TagDiff and TagTest

* Update core-pipeline.yml

* Remove Unused UniqueTagsExceptions

* Simplify Skip logic

* Clean up

* Fix Exclusions bug

* Fix binary file exclusions

* Don't open browser

* Remove browser open

* only chomp 1024 bytes

* Fix logging

* Change timeout to milliseconds

* Fix binary file detection

* Only check 1024 characters for control characters

* Fix binary checking

* Update MetaDataHelper.cs

* fix html tests

* Update Utils.cs

* Improve binary checking

* Remove tag output only option from analyze

Use the get tags command.

* Code Cleanup

* improve some variable names

* Remove Simple Tags Tests

* Bump dependencies.

* Simplify JsonWriter

* Remove extraneous header on text results

* Clean up

* Simplify last updated

* Remove unused lastupdated references

* Fix #343

* Update GetTagsCommand.cs

* Clean up Dependencies

* Save access and create times

* Fix printing to console over progress bar.

Console output is saved until after the progress bar completes.

* Show file counts in progress bar

* Fix cancelling.

* Remove unused Dummy Writers

* Gfs/cli timeout (#349)

* Add overall processing time out for GetTags and Analyze commands

* Separate state for timed out skipped

* Update FileRecord.cs

* Fix binary checking (#351)

* Fix binary checking

* Fix Binary Checking in GetTags

* Update GetTagsCommand.cs

* Update AnalyzeCommand.cs

* Add async (#354)

* Add Async Versions of GetResult appropriate for WASM use

* Fix GetTags command uniqueness

* Update RuleProcessor.cs

* Build fix

* Fix #353

* Add async tests

* Fixes enumeration printing (#357)

* Fix enumeration count of entries.

* Build fix

* Don't list meaningless info when running get tags progress bar

* Update RuleProcessor.cs

* Options for Skipping gathering excerpts and skipping unknown files (#361)

* Add option to grab number of lines of context and disable gathering on GetTags for performance

* Use concurrent queue instead of bag for performance.

* Default skip unknown files

* build fix

* Bump dependencies

* Publish Beta Builds from Development

* Gfs/some tests (#363)

* Fix Unknown files being scanned by all language rules.

* New tests and fixes for unknown file type scans

* Update AnalyzeJsonWriter.cs

* Write Faster GetLastIndex

* Slightly faster again

* Make fast IndexOf method

* Fix

* Fix test bug

* Test fix

* Minor performance improvements. (#364)

* Performance and misc improvements (#365)

* Keep track of column for matches properly

* Refactor try/catch

* Fix excerpt gathering for async analyze

* Rethrow instead of clobbering

* Use substring when possible for performance

Seeing significant performance uplift.

* Fix exception getting version info

* Fix OatSubstringIndexOperation

* Update AnalyzeBenchmark.cs

* Fix rule verifier

* Support case insensitive string and substring operations

* Enable verify rules test

* Fix default rules verification to actually check embedded rules.

* Clean up isbetween a bit

* clean up

* Remove unneeded test

* Test fix

* Add OAT validation to rule validator

* Fix same-line findings

* Add a rule verification for the within conditions.

* Fix rule verifier

* Fix storage rules

* Add an exporting progress bar. (#367)

* Add an exporting progress bar.

* Fix gettags command to return actual exit code.

* Cache Results of IsCommented (#369)

* Improve Scope Match performance

* Fix

* Update TextContainer.cs

* Test fix

* Update TestAnalyzeCmd.cs

* Update TextContainer.cs

* Update TextContainer.cs

* Update TextContainer.cs

* Update TextContainer.cs

* Clean up text container

* Update RuleProcessor.cs

* Use Globs for file exclusions

* Update AnalyzeCommand.cs

* Update CLICmdOptions.cs

* Add none to disable

* Update GetTagsCommand.cs

* Fix build

* Fix Text Contains

Respect parallel in rule processor
Update descriptions for command options
Reduce sleep frequency

* Fix filter tests

* Update TestGetTagsCmd.cs

* Repro of null rules in match

* Remove TagTest

GetTags seems to perform the same task.

* Remove TagTest command

* Limit parallelization to decrease timeouts

* Fix test

* Fix regexword implementation

* Clean up rules

Improve some rules, remove some unneeded fields.

* Fix Rules and RulePacker

Fix Regex Word behavior

* Fix Pack Rules

* Narrow media regexes

* Fix tests

* Fix test

* Improve TagDiff performance

* Fix async analyze

* Update TestAnalyzeCmd.cs

* Update TestAnalyzeCmd.cs

* Update TestAnalyzeCmd.cs

* Workaround for IndexOf on Windows

* Update OatSubstringIndexOperation.cs

* Remove multithread enumerating

* Update TextContainer.cs

* Update RuleProcessor.cs

* Don't precheck matches count.

* Respect numcontextlines

* Update AnalyzeBenchmark.cs

* Add Multi path option

* Update TestGetTagsCmd.cs

* Fix verifier

* simplify regex word construction

* Better simplify

* Update TestGetTagsCmd.cs

* Update test numbers to match fixed behavior of regex-word

* Update Ruleset.cs

* Fix test numbers with fixed regex word

* Update TagDiffCommand.cs

* Make Get-Tags an option of Analyze

GetTags and Analyze were mostly duplicative, so instead the GetTags behavior is now provided by giving `-t` or `TagsOnly` to Analyze.

* bump to RC

* fixes

* Rename tests to accurately reflect using analyze command

* Support multiple input for TagDiff via comma separated

* Remove test for removed functionality

* Add missing comments

* More comments.

* Make FilePathExclusions parsed automatically.

* Roslynator Changes

* Respond to comments.

* Fix tests

* Fix tests

* More Roslynator Changes

* Improve Exclusion Speed (#374)

* Shrink Icon

Fix #330

* Skip files earlier

* Update AnalyzeCommand.cs

* fix bad merge

* Update version.json

* Fix linebreaks to show finished progressbars
2021-05-25 07:33:23 -07:00
Gabe Stocco c4c02e2fc4
Fix #370 (#371) 2021-05-19 10:30:29 -07:00
Gabe Stocco 405c4f8461
Skip Unknown File Types by Default (#360)
* Skip Unknown File Types by Default

* Bump Dependencies
2021-05-10 10:23:02 -07:00
Gabe Stocco 25ac4c1e96
Backport Binary File Skipping to 1.2 (#350)
* Add Binary file check to skip.

* Update AnalyzeCommand.cs

* Update AnalyzeCommand.cs

* Update AnalyzeCommand.cs

* Update AnalyzeCommand.cs

* Update AnalyzeCommand.cs
2021-05-05 15:32:49 -07:00
Gabe Stocco 0bc540692a
Fix result loss bug while running parallel (#348)
* Fix result loss bug while running parallel

* Update AnalyzeCommand.cs
2021-05-05 11:34:04 -07:00
Gabe Stocco 7ba3e09198
Remove incorrect line number from template. (#347) 2021-04-26 08:12:14 -07:00
Gabe Stocco 46710cfc12
Fix potential issue fetching keys (#335)
* Don't create unneeded dictionaries.

* Update .gitignore

* Code cleanup

* Update MetaData.cs

* Address Nullability Issues

* Simplify excerpt
2021-03-30 13:34:44 -07:00
Gabe Stocco 8fb53d0fd1
.NET 5 ify (#334)
* .NET 5 ify

* More net changes

* Update rules packer to .net 5.0
2021-03-30 11:42:41 -07:00
Gabe Stocco d5674d8098
Update tagreportgroups.json (#333)
* Update tagreportgroups.json

* Update tagreportgroups.json
2021-03-30 10:59:08 -07:00
Gabe Stocco cb43e5a111
Reduce memory usage (#332)
* Reduce memory usage

Removes duplicate copies of full contents of files.

* Check for carriage returns
2021-03-30 10:55:55 -07:00
Gabe Stocco cac68e72ec
Add FileNamesRegex field to App inspector rules (#327)
* Add Regex Support to Applies To

* Split Applies To and FileName regexes

* Add Rule Verification for FileRegexes

Fix bug in CompiledFileRegex getter

* Update Rule.cs

* Union instead of add to prevent rule dupes

* remove unneeded tolist

* Don't serialize compiledfileregexes

* Update RuleProcessor.cs

* Remove extraneous :
2021-03-17 11:18:00 -07:00
Gabe Stocco 72d7dae735
Fix skip logic (#326)
* Update AnalyzeCommand.cs

* fix concurrency bugs.

* Fix tests

* Fix test regression.
2021-03-15 17:56:28 -07:00
Gabe Stocco 248354bc3e
Fix Zero Length FileEntry Parsing bug (#325)
* Fix Zero Length FileEntry Parsing bug

* Use single threaded recursive extractor

* Update AnalyzeCommand.cs

* Incorporate changes from #324
2021-03-15 09:41:41 -07:00
David Alcantar 765393d8bc Update WriteOnce.cs 2021-03-12 13:41:14 -08:00
David Alcantar 9a0fb6c9ce
Update core-pipeline.yml (#323) 2021-03-12 13:38:45 -08:00
Michael Scovetta 36eaa5a97e
Re-authorize and update service connection. (#322) 2021-03-11 12:12:50 -08:00
Gabe Stocco 5b18da37a0
Now scan unknown filetypes (#321)
* Now scan unknown filetypes

* Whitespace

* ensure LanguageInfo isn't null

Fix files skipped not incrementing.

* Add TreatEverythingAsCode option
2021-03-10 19:16:48 -08:00
Guy Acosta ddf3ae3302
Web app rules (#318)
* Support for issue #307 web attributes detection added including HTML5 key features use, session cookie attributes, HTML security/other headers detection and others.

* Adds pipeline tool and web app results to html key features report including many of the new web app feature detection patterns, static analyzers, linters, and more.
2020-12-12 15:05:38 -07:00
Gabe Stocco 1deb5f2e8f
OAT Usage Fixes (#317)
* OAT Usage Fixes

* Unit test correction for OAT clauses fix

Co-authored-by: Guy Acosta <guacosta@microsoft.com>
2020-12-11 13:44:36 -07:00
Guy Acosta b5acc89d2d
Fix for #308 (proposed) (#314)
* Fix for #308 (proposed)

* Id updates only

* Description cleanup and final tool selection.

* Remove extraneous empty style tags
2020-12-03 08:32:11 -07:00
David Alcantar cbaea8e627
Update codeql-analysis.yml 2020-12-02 12:33:47 -08:00
David Alcantar 49f69ae9f6
Update README.md 2020-12-02 10:32:45 -08:00
David Alcantar af40b0b7b2
Bump NBGV to Fix CodeQL Workflow (#315)
* Update nbgv build props and version.json

* Bump nbgv sln references

* Update codeql-analysis.yml
2020-11-25 20:00:59 -07:00
Guy Acosta 1436f4f908
Policheck edit and env rule adds (#312)
* Adds required policheck task to sdl pipeline.

* Enables ability to see Guardian exports for code scans like Policheck

* Minor edit for regional lang scanner and enhancement to environment read/write rule support i.e. #309

* Correction to regex needed. Note rulespacker binaries need updating to align to new verification checks.
2020-10-27 16:44:49 -06:00
Guy Acosta ae537ae86d
Add code scan report artifact (#311)
* Adds required policheck task to sdl pipeline.

* Enables ability to see Guardian exports for code scans like Policheck
2020-10-27 11:33:58 -06:00
Guy Acosta e2fc979897
Adds required policheck task to sdl pipeline. (#310) 2020-10-27 10:29:05 -06:00
Guy Acosta a29059b656
Update README.md 2020-10-18 11:51:08 -06:00
David Alcantar b27a533c3d Update core-pipeline.yml for Azure Pipelines 2020-10-07 00:39:07 -07:00
David Alcantar f8c964df50 Update core-pipeline.yml for Azure Pipelines 2020-10-05 19:58:27 -07:00
Guy Acosta 275dbc0449
Update js lib versions (#305)
* Adds rule improvements for Android Intents, iOS permissions, UWP capability declarations.

* Updates to new rules, pattern aggregation and description updates. Fix for endLocationLine if match is on last line of the file. Minor wording improvements on html report.

* Tag and description updates

* Updates popper lib version. D3 cannot be updated as it breaks existing functionality. D3 ref is kept but copy is added to code for safekeeping.

* #262, #303 fixes. Also orders feature groups more alphabetically.

* Identified ref for 3 js libs allowing removal of local copies.
2020-09-29 20:43:03 -06:00
Guy Acosta 74a80a6e85
Device permissions support added (#304)
* Adds rules for Android Intents, iOS permissions, UWP capability declarations.

* Updates to new rules, pattern aggregation and description updates. Fix for endLocationLine if match is on last line of the file. Minor wording improvements on html report.

* Tag and description updates
2020-09-29 16:24:12 -06:00
David Alcantar a8de9ba208 Update core-pipeline.yml for Azure Pipelines 2020-09-28 13:29:51 -07:00