-
# Description
`sarif` file does not have the findings in it.
# Environment
OS: ` MacOS Venture 13`
Version: ` Your current version is: v2.9.1`
# Steps To Reproduce
1. Create a `deployment…
-
We should add some remediation guidance to the OSV-Scanner SARIF output to let users know to remediate their vulnerabilities.
- Upgrade the vulnerable dependencies (in the future, point to #352).
…
-
SARIF support was recently added (#33, #4), adding a new output format to Nosey Parker's `report` command. This support is preliminary, but good enough that viewers like the [VSCode SARIF plugin](http…
-
I'd like to run the SARIF formatter on our CI but don't want to configure it by default for everyone running the linter itself on their development machines. I know I can create a config, extend the o…
-
**Describe the bug**
`scripts/reports/analysis_report.py` fails for a .sarif file containing MISRA violations.
In our project, we have C files and C++ files. We want to use MISRA C for .c and .h fil…
-
**What happened**:
grype generates different output content for the same image, which breaks the reproducibility.
Motivation comes from the https://github.com/in-toto/attestation/issues/58 to pu…
-
* SARIF is a JSON-based format for representing code scanning results, currently used by GitHub (see [docs](https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-…
-
Hello.
Sorry, I've tried your Discord to report this error but it seems the provided link is not working.
**Describe the bug**
According to the Spectral CLI documentation, sarif report can be gene…
-
We should add a SARIF reporter so that we can get better GitHub integration https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning
-
Hi, is it in the roadmap to make PHP_CodeSniffer provide [SARIF](https://sarifweb.azurewebsites.net/) output? (SARIF is the OASIS common format for all analysis tools)
It would help improve its […