Closed ayush2708 closed 6 months ago
I get the same, a blank 'No results found' tab. Is it because we don't have any threats in the .sarif file?
"runs": [
{
"tool": {
"driver": {
"name": "antimalware",
"rules": [
{
"id": "NoThreatsFound",
"name": "No threats were found by AntiMalware."
}
],
"properties": {
"RawName": "antimalware"
}
}
},
@AndyRace In my case, there were issues when I scanned via ESLint but not of error level which is designated to break the build. So I don't think that's the issue. Also, if you see previous issues on the forum there have been quite a lot of similar cases.
Hi, Does it mean that need to run additional task witg ESLint?
@ElkRom You need to run the Azure DevOps security task only along with the correct parameters. The extension should automatically pick up the result and publish in ur ADO tab. The ADO task outputs the results under a folder with .sarif extension. The ADO extension was designed to pick up that .sarif file and publish it as a report in the ADO tab. But it isn't working! I don't think anyone from the team is remotely interested to check!
@ayush2708 @AndyRace for a pipeline run where you expect to receive results but aren't seeing any (even empty results), could you:
CodeAnalysisLogs
is showing up in the following HTTP request:
https://dev.azure.com/YOUR_ORGANIZATION/YOUR_PROJECT/_apis/build/builds/YOUR_BUILD_ID/artifacts
type
of the artifact - whether it's "Container", "PipelineArtifact", or something elseI'm actually going to consolidate this issue into #25 which has some further investigation.