-
Notifications
You must be signed in to change notification settings - Fork 370
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: ensure the sarif output has a stable order #938
Conversation
for _, fn := range []func() int{ | ||
func() int { return strings.Compare(a.Source.Path, b.Source.Path) }, | ||
func() int { return strings.Compare(a.Package.Name, b.Package.Name) }, | ||
func() int { return strings.Compare(a.Package.Version, b.Package.Version) }, | ||
} { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm super on the fence about this: on the one hand its clever, but on the other maybe it's too clever?
I've got a commit locally that unwinds this into if
statements which I can push up if folks agree it's too clever
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it's easier to parse than if statements once you understand what it's doing, can you just add a comment above it basically describing it's just sorting by each field in descending priority.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sweet done - one other annoying downside though is that we can't cover the return 0
😞
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok turns out there's a nwm its go 1.22 onlycmp.Or
for exactly this - it's technically less efficient because it's not lazy (though there's a proposal for that), but these compares should be pretty inexpensive and its nice to remove the unreachable code path
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
for _, fn := range []func() int{ | ||
func() int { return strings.Compare(a.Source.Path, b.Source.Path) }, | ||
func() int { return strings.Compare(a.Package.Name, b.Package.Name) }, | ||
func() int { return strings.Compare(a.Package.Version, b.Package.Version) }, | ||
} { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it's easier to parse than if statements once you understand what it's doing, can you just add a comment above it basically describing it's just sorting by each field in descending priority.
6e3020f
to
35ea85d
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #938 +/- ##
==========================================
- Coverage 63.58% 63.57% -0.02%
==========================================
Files 146 146
Lines 11922 11933 +11
==========================================
+ Hits 7581 7586 +5
- Misses 3875 3881 +6
Partials 466 466 ☔ View full report in Codecov by Sentry. |
The coverage drop is fine - we were not covering the original code anyway, and it will be covered by #937, after which just the final |
This stabilizes the order in the SARIF output so that it is deterministic, as google#937 proved it was not.
These got included in google#938 even though they're for google#937 and it seems that `go-snaps` does not error about this even though it will clean them up if run with `UPDATE_SNAPS=clean`.
This stabilizes the order in the SARIF output so that it is deterministic, as #937 proved it was not.