Closed LucaBlackDragon closed 4 months ago
I forgot to mention that I am already using SARIF as output format in my pipelines, e.g.:
- task: dependency-check-build-task@6
displayName: OWASP Dependency Check
inputs:
projectName: '$(mainProject)'
scanPath: '$(Build.ArtifactsStagingDirectory)'
format: 'SARIF' # ← this is marked as an error in Azure DevOps
suppressionPath: 'owasp-suppressions.xml'
and it Just Works™
@pippolino I think this will be included in #155, if not so feel free to re-open it
Adds SARIF to output format options, since OWASP Dependency Check CLI
--format
argument supports it.