Before this fix the --severity flag and values were not added to the sarif input. Hence, when a default value of 'CRITICAL,HIGH' was supplied, it would simply be ignored and report everything. The result is producing a bunch of noisy alerts, and anin't nobody got time for that!
Before this fix the
--severity
flag and values were not added to the sarif input. Hence, when a default value of 'CRITICAL,HIGH' was supplied, it would simply be ignored and report everything. The result is producing a bunch of noisy alerts, and anin't nobody got time for that!Before the fix:
with this PR fix: