SARIF file support #488
Open
Labels
P4: Future work. E.g. something we might to get on in the future. Might be used for future ideas too.
enhancement: The issue is related to improving a certain aspect of the project.
help wanted: Indicates that we would like someone that’s not a maintainer to work on the issue.
triaged: The issue has been reviewed but has not been solved yet.
It will be nice to have SARIF file support as the output of the scan.
I do not mean changing the current JSON output generated but adding a flag that would also create a SARIF file with results.
SARIF is an OASIS Standard and is good to display results from static analysis tools. For example, GitHub uses it: SARIF support for code scanning.
Several other commonly used solutions present the SARIF data nicely and are used by various CI / CD tools.