-
**Is your feature request related to a problem? Please describe.**
See https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning
-
## The Problem
I am trying to set properties in a `SarifResultOptions` object. Here is the type definition of this object:
https://github.com/nvuillam/node-sarif-builder/blob/2682b619b87130190c151…
-
Application Inspector does not generate code flow results but CodeQL does. The Sarif Viewer should support viewing codeflow results when they are present.
-
When using the SARIF output, the failOnError option (used for instance with the Maven plugin) shall be respected so that the Invocation object `executionSuccesful` flag is set to `true`, even though f…
-
We're using "Android Lint" to generate a sarif file. The sarif locations use this pattern:
```
"originalUriBaseIds": {
"%SRCROOT%": {
"uri": "file…
-
I recently have been integrating both CppCheck and PVS-Studio into Azure DevOps Pipelines.
For CppCheck, I am using the Sarif.Multitool to generate sarif reports from cppcheck xml results files. I…
-
Looks to be same as: https://github.com/aquasecurity/tfsec/issues/1955 ... Maybe a new tag needs to be cut?
```
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/tr…
-
**Is your feature request related to a problem? Please describe.**
Often I like to get the default text log output of `semgrep`, but also re-run with `--json` and `--sarif` to save these options …
-
# Situation
In `SarifV1JSONImporter` the vulnerability description field is set to empty String (""). This was implemented analog to the `CheckmarxV1XMLImporter`, because of unwanted html-tags in Ch…
-
Hi,
We encountered an issue with github's action 'scan_and_push_container_images_to_registries'
at the 'Convert Container Scan Report to SARIF' step, here's is the ouput:
"
Run rm3l/container-scan…