Enhancements

* Center the hero box, but left align text
* Lose the last vestige of jscpd
* Report on what tools were used

html_report.rb

@@ -8,6 +8,7 @@
 
 # loads and represents one of more SARIF files
 class SarifFile
+  attr_reader :report
   def initialize(path)
     @report = get_sarifs(path)
   end
@@ -85,37 +86,32 @@ def initialize(sarif_file, destination_path)
     @severities = %w[error warning note]
     @content = []
     @scan_date = Time.now
+    @tools = []
   end
 
   def generate
     @sarif = SarifFile.new(@sarif_spec)
     @results = @sarif.results
-    self
-  end
 
-  # jscpd has a single rule, which can spam the result page.
-  # should probably fix this in `tools.d/jscpd`
-  def cope_with_jscpd(result)
-    description = result.description
-    rule_id = result.rule_id
-    language = nil
-    description.match(/Clone detected in (\w+)/) { |m| language = m[1] }
-    final_rule_id = rule_id == 'duplication' ? "duplication.#{language}" : rule_id
-    [description, final_rule_id]
+    @sarif.report.each do |report|
+      tool_name = report.runs.first.tool.driver.name
+      @tools << tool_name
+    end
+    self
   end
 
   def results_matching(severity, rule_id)
     @results.select do |result|
-      _description, final_rule_id = cope_with_jscpd(result)
-      result.severity == severity && final_rule_id == rule_id
+      _description = result.description
+      rule_id = result.rule_id
+      result.severity == severity && result.rule_id == rule_id
     end
   end
 
   def rules_and_descriptions(severity)
     @results.select { |e| e.severity == severity }.map do |result|
-      description, final_rule_id = cope_with_jscpd(result)
 
-      [final_rule_id, description]
+      [result.rule_id, result.description]
     end.uniq.to_h
   end
 

template.erb

@@ -56,9 +56,14 @@
           font-weight: bold;
           margin: 20px 0 10px;
       }
-
+      .header-container {
+          display: flex;
+          justify-content: center;
+          margin: auto;
+      }
       .header {
-          text-align: center;
+          text-align: left;
+          display: inline-block;
           padding: 20px;
           margin-bottom: 20px;
           background-color: #f4f4f4;
@@ -75,6 +80,9 @@
 </head>
 <body>
 <div class="container">
+  <div class="header-container">
+
+
   <div class="header">
 
 
@@ -83,8 +91,9 @@
     <p><strong>Repo Branch:</strong> <%= ENV['REPO_BRANCH'] %></p>
     <p><strong>Latest Commit SHA:</strong> <%= ENV['LATEST_COMMIT_SHA'] %></p>
     <p><strong>Scan Date:</strong> <%= @scan_date %></p>
+    <p><strong>Tools used:</strong> <%= @tools.join(", ") %></p>
+  </div>
   </div>
-
 
 
   <% severities.each do |severity| %>

tools.d/pmd-cpd

@@ -4,24 +4,25 @@ set -euo pipefail
 which pmd > /dev/null || exit 1
 
 source=$1
-pmd_version=$(pmd --version | grep PMD | awk '{print $2}')
-brew_prefix=$(brew --prefix)
 set -eo pipefail
 
+pmd_version=$(pmd --version | grep PMD | awk '{print $2}')
+brew_prefix=$(brew --prefix)
 tmpdir=$(mktemp -d)
-
-
+output_csv="${tmpdir}/output.csv"
+findings_csv="${tmpdir}/findings.csv"
+touch "${findings_csv}"
 for language in cpp cs java python ruby typescript; do
     pmd cpd --minimum-tokens=100 -l $language -d "$source" --no-fail-on-error --ignore-identifiers -f csv | \
     grep -v "lines,tokens,occurrences" \
-    >> "${tmpdir}/output.csv" || true
+    >> "${output_csv}" || true
 done
 
-awk -F ',' '{print $1, $4, $5}' "${tmpdir}/output.csv" | while read -r lines start_line file; do
+awk -F ',' '{print $1, $4, $5}' "${output_csv}" | while read -r lines start_line file; do
     end_line=$(($start_line + $lines))
-    printf "duplication,note,code duplication found in source files,%s,%s,%s\n" "${file}" "${start_line}" "${end_line}"  >> "${tmpdir}/findings.csv"
+    printf "duplication,note,code duplication found in source files,%s,%s,%s\n" "${file}" "${start_line}" "${end_line}"  >> "${findings_csv}"
 done
 
-PATH="${brew_prefix}/opt/statica/libexec:.:$PATH" csv2sarif "pmd-cp" "${pmd_version}" "${tmpdir}/findings.csv"
+PATH="${brew_prefix}/opt/statica/libexec:.:$PATH" csv2sarif "pmd-cp" "${pmd_version}" "${findings_csv}"
 
 rm -rf "${tmpdir}"