Skip to content

Bring back working "rootId" #618

Description

@yairlenga

I'm bringing big SARIF file to legacy solution (C++) - to address security issues. The data is generated on CI machines, with file hierarchy different from development boxes. I've noticed that unless I give absolution file URL (artifactionLocation.url with "file:///" URLS OR using "uriBaseId" that reference absolution file URL - the viewer start showing "view only" windows, instead of opening windows for edit.

My request - make it possible to work effectively with SARIF the includes relative file name - either by fixing the unexpected behavior that results in "view only" windows (see below, or by restoring the functionality to specify rootId in the settings.

The behavior I've noticed - when using SARIF file with relative URLs.

  • On the first click on an issue, an editable window will be opened to the file.
  • If I close the window and open a different finding / different file - I still get editable window
  • Clicking on the finding associated with the original file - will result in getting "view only" window - without any easy way to open the file for editing (to actually address the issues).

Problem only exists when URI are relative. I was hoping to use the "baseRootIds" setting to allow me to specify location of source files in dev environment, but it does not look as this is working. In some cases, VSCode can locate the file (looks like it try to match the tail of the path anywhere in the tree) - but this will not allow opening editable windows.

It was very frustrating to replicate the sequence. I hope my description will work, if not, LMK - I can create a ZIP file and share a sequence.

According to ChatGPT - issue has to do with mapping of VScode windows to "sarif:..." URL. Not sure if this is a good hint, or just a wild guess ..

Thanks,
Yair

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type
    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions