Fixed findings should be a list (#558)

drdavella · web-flow · commit aae24f5620fa · 2024-05-10T14:03:52.000Z
diff --git a/src/codemodder/codemods/imported_call_modifier.py b/src/codemodder/codemods/imported_call_modifier.py
@@ -75,12 +75,13 @@ def leave_Call(self, original_node: cst.Call, updated_node: cst.Call):
                 and true_name
                 and true_name in self.matching_functions
             ):
-                findings = self.file_context.get_findings_for_location(line_number)
                 self.changes_in_file.append(
                     Change(
                         lineNumber=line_number,
                         description=self.change_description,
-                        finding=findings[0] if findings else None,
+                        findings=self.file_context.get_findings_for_location(
+                            line_number
+                        ),
                     )
                 )
 
diff --git a/src/codemodder/codemods/libcst_transformer.py b/src/codemodder/codemods/libcst_transformer.py
@@ -120,12 +120,11 @@ def add_dependency(self, dependency: Dependency):
 
     def report_change(self, original_node, description: str | None = None):
         line_number = self.lineno_for_node(original_node)
-        findings = self.file_context.get_findings_for_location(line_number)
         self.file_context.codemod_changes.append(
             Change(
                 lineNumber=line_number,
                 description=description or self.change_description,
-                finding=findings[0] if findings else None,
+                findings=self.file_context.get_findings_for_location(line_number),
             )
         )
 
diff --git a/src/codemodder/codetf.py b/src/codemodder/codetf.py
@@ -52,7 +52,7 @@ class Change(BaseModel):
     diffSide: DiffSide = DiffSide.RIGHT
     properties: Optional[dict] = None
     packageActions: Optional[list[PackageAction]] = None
-    finding: Optional[Finding] = None
+    findings: Optional[list[Finding]] = None
 
 
 class AIMetadata(BaseModel):
diff --git a/tests/codemods/defectdojo/semgrep/test_avoid_insecure_deserialization.py b/tests/codemods/defectdojo/semgrep/test_avoid_insecure_deserialization.py
@@ -46,9 +46,9 @@ def test_yaml_load(self, tmpdir):
         )
 
         assert changes is not None
-        assert changes[0].changes[0].finding is not None
-        assert changes[0].changes[0].finding.id == "1"
-        assert changes[0].changes[0].finding.rule.id == RULE_ID
+        assert changes[0].changes[0].findings is not None
+        assert changes[0].changes[0].findings[0].id == "1"
+        assert changes[0].changes[0].findings[0].rule.id == RULE_ID
 
     @mock.patch("codemodder.codemods.api.FileContext.add_dependency")
     def test_pickle_load(self, adds_dependency, tmpdir):
@@ -80,9 +80,9 @@ def test_pickle_load(self, adds_dependency, tmpdir):
         adds_dependency.assert_called_once_with(Fickling)
 
         assert changes is not None
-        assert changes[0].changes[0].finding is not None
-        assert changes[0].changes[0].finding.id == "2"
-        assert changes[0].changes[0].finding.rule.id == RULE_ID
+        assert changes[0].changes[0].findings is not None
+        assert changes[0].changes[0].findings[0].id == "2"
+        assert changes[0].changes[0].findings[0].rule.id == RULE_ID
 
     @mock.patch("codemodder.codemods.api.FileContext.add_dependency")
     def test_pickle_and_yaml(self, adds_dependency, tmpdir):
@@ -128,12 +128,12 @@ def test_pickle_and_yaml(self, adds_dependency, tmpdir):
         adds_dependency.assert_called_once_with(Fickling)
 
         assert changes is not None
-        assert changes[0].changes[0].finding is not None
-        assert changes[0].changes[0].finding.id == "4"
-        assert changes[0].changes[0].finding.rule.id == RULE_ID
-        assert changes[0].changes[1].finding is not None
-        assert changes[0].changes[1].finding.id == "3"
-        assert changes[0].changes[1].finding.rule.id == RULE_ID
+        assert changes[0].changes[0].findings is not None
+        assert changes[0].changes[0].findings[0].id == "4"
+        assert changes[0].changes[0].findings[0].rule.id == RULE_ID
+        assert changes[0].changes[1].findings is not None
+        assert changes[0].changes[1].findings[0].id == "3"
+        assert changes[0].changes[1].findings[0].rule.id == RULE_ID
 
     @mock.patch("codemodder.codemods.api.FileContext.add_dependency")
     def test_pickle_loads(self, adds_dependency, tmpdir):
diff --git a/tests/codemods/defectdojo/semgrep/test_django_secure_set_cookie.py b/tests/codemods/defectdojo/semgrep/test_django_secure_set_cookie.py
@@ -37,9 +37,9 @@ def test_simple(self, tmpdir):
         )
 
         assert changes is not None
-        assert changes[0].changes[0].finding is not None
-        assert changes[0].changes[0].finding.id == "1"
+        assert changes[0].changes[0].findings is not None
+        assert changes[0].changes[0].findings[0].id == "1"
         assert (
-            changes[0].changes[0].finding.rule.id
+            changes[0].changes[0].findings[0].rule.id
             == "python.django.security.audit.secure-cookies.django-secure-set-cookie"
         )

Original file line number	Diff line number	Diff line change
`@@ -120,12 +120,11 @@ def add_dependency(self, dependency: Dependency):`
`120`	`120`
`121`	`121`	`def report_change(self, original_node, description: str \| None = None):`
`122`	`122`	`line_number = self.lineno_for_node(original_node)`
`123`		`- findings = self.file_context.get_findings_for_location(line_number)`
`124`	`123`	`self.file_context.codemod_changes.append(`
`125`	`124`	`Change(`
`126`	`125`	`lineNumber=line_number,`
`127`	`126`	`description=description or self.change_description,`
`128`		`- finding=findings[0] if findings else None,`
	`127`	`+ findings=self.file_context.get_findings_for_location(line_number),`
`129`	`128`	`)`
`130`	`129`	`)`
`131`	`130`
Original file line number	Diff line number	Diff line change
`@@ -37,9 +37,9 @@ def test_simple(self, tmpdir):`
`37`	`37`	`)`
`38`	`38`
`39`	`39`	`assert changes is not None`
`40`		`- assert changes[0].changes[0].finding is not None`
`41`		`- assert changes[0].changes[0].finding.id == "1"`
	`40`	`+ assert changes[0].changes[0].findings is not None`
	`41`	`+ assert changes[0].changes[0].findings[0].id == "1"`
`42`	`42`	`assert (`
`43`		`- changes[0].changes[0].finding.rule.id`
	`43`	`+ changes[0].changes[0].findings[0].rule.id`
`44`	`44`	`== "python.django.security.audit.secure-cookies.django-secure-set-cookie"`
`45`	`45`	`)`