Closed davewichers closed 2 months ago
@davewichers It sure makes it easier for me, if you send me the file. I'll create the writer this weekend.
@davewichers guess this one can be closer?
Apparently Snyk json was just sarif, so already supported. @darkspirit510 - tweaked the parser slightly to ignore the file extension so it will parse json/sarif files regardless of their extension.
@darkspirit510 - Can you implement this when you get a chance?
We have an existing script for running Snyk: https://github.com/OWASP-Benchmark/BenchmarkJava/blob/master/scripts/runSnykSAST.sh
Currently it does this: snyk code test --json-file-output=results/Benchmark_$benchmark_version-snykCodeCli.json
But it can easily be changed to this: snyk code test --sarif-file-output=results/Benchmark_$benchmark_version-snykCodeCli.sarif
If you want me to send you the sarif results file for Benchmark1.2, so you don't have to set up Snyk yourself, happy to do so.