search

microsoft / sarif-sdk

.NET code and supporting files for working with the 'Static Analysis Results Interchange Format' (SARIF, see https://github.com/oasis-tcs/sarif-spec)
Other
193 stars 93 forks source link

export-validation-docs should accept another binary #2155

Closed eddynaka closed 3 years ago

eddynaka commented 3 years ago

Today, the command export-validation-docs does not accept an external assembly containing rules.

Suggestion

Create a new property that can point to an assembly which contains rules, for example, binskim.rules.dll. With that, we would be able to generate any rules from any provider who implement the Skimmer class. If the property was not supplied, so it will warn or use the self assembly (just the way we have now).

@michaelcfanning

michaelcfanning commented 3 years ago

Change verb name to export-docs. This should pick up a default assembly to operate against (do we need to provide an API stub for this property?) Then we can add an argument that overrides this value. We could support passing multiple assemblies...