Parsing JSON files as XML in CLI

[alexandrakoller]

Describe the bug
When analysing JSON files with dots in their names (e.g., file.test.config.json), DevSkim CLI incorrectly attempts to parse them as XML, resulting in a parsing error: [13:40:06 ERR] Failed to parse Data at the root level is invalid. Line 1, position 1. as a XML document: null

To Reproduce
Steps to reproduce the behavior:

1. Create a JSON file with dots in its name, such as file.test.config.json.
2. Run the DevSkim analyze command on this file. I have run devskim analyze -I ./src -s Important -E true -g **/bin/**,**/obj/**,**/.git/**,**/node_modules/** -x Verbose
3. Observe the error message indicating a failure to parse the file as XML.

Expected behavior
DevSkim should be able to recognise and parse a JSON file.

Screenshots

Versions(please complete the following information):

• OS: Windows 10 (10.0.22631)
• Devskim Version 1.0.51+210b5d121e

Additional context
N/A

[scovetta]

Thanks @alexandrakoller! I suspect this isn't due to the extra dot in the name, but the '.config' substring in your example, since .config files are parsed as XML by design. Are you able to repro if the name is just "foo.bar.baz.json"?

[gfs]

In order to perform xpath computation, first we have to try to parse the file as XML, which is failing, as expect for a json document, but there's no way to know its not XML without trying to parse it, so the issue may just be that this message shouldn't be logged as an error: https://github.com/microsoft/ApplicationInspector/blob/567ac2faadc9984edca818855d0f961f08edc255/AppInspector.RulesEngine/TextContainer.cs#L195

[gfs]

I double checked and do receive this error with a file with that particular name which seems to be due to the ".config" portion of the filename. If I swap out ".config" for anything else the error no longer appears. I think this indicates that one of the default rules that uses xpaths has an applies to filter that is too broad. This shouldn't impact actual scan results though, because of course that rule won't be able to apply since the xpath filtering won't work.