microsoft / sarif-azuredevops-extension

MIT License

Microsoft Security DevOps Task Scan Results not showing up in Pipeline Scans Tab [Extension Version: 0.5.1] #24

Closed ayush2708 closed 6 months ago

ayush2708 commented 9 months ago
AndyRace commented 9 months ago

I get the same, a blank 'No results found' tab. Is it because we don't have any threats in the .sarif file?

```json
"runs": [
    {
      "tool": {
        "driver": {
          "name": "antimalware",
          "rules": [
            {
              "id": "NoThreatsFound",
              "name": "No threats were found by AntiMalware."
            }
          ],
          "properties": {
            "RawName": "antimalware"
          }
        }
      },
```
ayush2708 commented 9 months ago

@AndyRace In my case, there were issues when I scanned via ESLint but not of error level which is designated to break the build. So I don't think that's the issue. Also, if you see previous issues on the forum there have been quite a lot of similar cases.

ElkRom commented 7 months ago

Hi, does it mean that I need to run an additional task with ESLint?

ayush2708 commented 7 months ago

@ElkRom You only need to run the Azure DevOps security task with the correct parameters. The extension should automatically pick up the result and publish it in your ADO tab. The ADO task outputs the results under a folder with the .sarif extension. The ADO extension was designed to pick up that .sarif file and publish it as a report in the ADO tab. But it isn't working! I don't think anyone from the team is remotely interested in checking!

50Wliu commented 6 months ago

@ayush2708 @AndyRace for a pipeline run where you expect to receive results but aren't seeing any (even empty results), could you:

  1. See if there are any errors that look related to this extension when you open up the developer tools (Ctrl+Shift+I in most browsers)
  2. See if CodeAnalysisLogs is showing up in the following HTTP request: https://dev.azure.com/YOUR_ORGANIZATION/YOUR_PROJECT/_apis/build/builds/YOUR_BUILD_ID/artifacts
    • Please also note the type of the artifact - whether it's "Container", "PipelineArtifact", or something else
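A small checker for the two things asked for above: whether a `CodeAnalysisLogs` artifact is present (and of which type), and whether the published .sarif actually carries any results, since the tab shows "No results found" both for an empty run and for a log it never received. This is an added example, not code from the extension or from anyone in the thread; the sample data is constructed, and the artifacts response field names (`name`, `resource.type`) are an assumption about the API's shape.

```python
import json

# Constructed sample of the shape returned by
# .../_apis/build/builds/{id}/artifacts (field names name / resource.type are
# assumed, not captured from a real run).
SAMPLE_ARTIFACTS = json.dumps({
    "count": 2,
    "value": [
        {"id": 1, "name": "drop", "resource": {"type": "PipelineArtifact"}},
        {"id": 2, "name": "CodeAnalysisLogs", "resource": {"type": "Container"}},
    ],
})

# Constructed SARIF 2.1.0 log in the shape quoted in the thread: an
# "antimalware" run that reports zero results.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [
        {
            "tool": {"driver": {"name": "antimalware",
                                "rules": [{"id": "NoThreatsFound"}]}},
            "results": [],
        }
    ],
})


def find_code_analysis_artifact(artifacts_json, name="CodeAnalysisLogs"):
    """Return (found, artifact_type) for the named artifact, else (False, None)."""
    for artifact in json.loads(artifacts_json).get("value", []):
        if artifact.get("name") == name:
            return True, artifact.get("resource", {}).get("type")
    return False, None


def summarize_sarif(sarif_json):
    """Return {driver_name: result_count} per run, so an empty run can be told
    apart from a log that was never published or could not be parsed."""
    log = json.loads(sarif_json)
    summary = {}
    for run in log.get("runs", []):
        name = run.get("tool", {}).get("driver", {}).get("name", "<unnamed>")
        summary[name] = summary.get(name, 0) + len(run.get("results", []))
    return summary


if __name__ == "__main__":
    print(find_code_analysis_artifact(SAMPLE_ARTIFACTS))  # (True, 'Container')
    print(summarize_sarif(SAMPLE_SARIF))                  # {'antimalware': 0}
```

Point `find_code_analysis_artifact` at the saved response of the artifacts URL from step 2 and `summarize_sarif` at the .sarif the task wrote to tell a missing artifact from a genuinely empty scan.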
50Wliu commented 6 months ago

I'm actually going to consolidate this issue into #25 which has some further investigation.