Closed michaelcfanning closed 3 years ago
For completeness, I will mention that when building this, we should at least consider the possibility we want an even more granular, per-rule mechanism to control reporting behavior.
For example:
-level Error;BadRuleId.Note
might do something like remap BadRuleId's output into a Note (which could be disabled). We should also consider whether this argument could contain a value like 'Disabled', which doesn't literally exist on the SARIF Level type. We could do this because we'll have a string[] representation we can process before constructing the SARIF types. On encountering a Disabled value, we would proactively add this id to the disabled skimmers set.
This would provide a super easy way for people to opt out of a poorly behaving check (one that's crashing in general code paths for example).
Implementation notes:
@eddynaka @jameswinkler, FYI
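One way the proposed syntax could be parsed, as an added example that is not part of the original comment and not code from the SARIF SDK. The `Level` enum is a local stand-in for the SARIF level type, and `LevelOptions`, `Parse`, `RuleOverrides`, `DisabledRules` and the rule id `CrashingRule` are hypothetical names chosen for illustration.

```csharp
using System;
using System.Collections.Generic;

// Local stand-in for the SARIF level values (assumption, not the SDK's own type).
public enum Level { None, Note, Warning, Error }

public sealed class LevelOptions
{
    public HashSet<Level> Levels { get; } = new HashSet<Level>();
    public Dictionary<string, Level> RuleOverrides { get; } = new Dictionary<string, Level>();
    public HashSet<string> DisabledRules { get; } = new HashSet<string>();

    // Hypothetical parser for tokens such as "Error" or "BadRuleId.Note".
    public static LevelOptions Parse(string[] tokens)
    {
        var options = new LevelOptions();
        foreach (string raw in tokens)
        {
            string token = raw.Trim();
            if (token.Length == 0) { continue; }
            // Split on the last '.', so a rule id that itself contains dots stays intact.
            int dot = token.LastIndexOf('.');
            string ruleId = dot < 0 ? null : token.Substring(0, dot);
            string value = token.Substring(dot + 1);
            if (ruleId == "") { throw new ArgumentException($"Missing rule id in '{token}'."); }
            // 'Disabled' is matched on the raw string, before any enum conversion,
            // because it is not a member of the level type.
            if (ruleId != null && value.Equals("Disabled", StringComparison.OrdinalIgnoreCase))
            {
                options.DisabledRules.Add(ruleId);
                continue;
            }
            // Enum.TryParse also accepts numbers and comma lists, so reject those explicitly.
            if (value.Contains(",") || !Enum.TryParse(value, true, out Level level)
                || !Enum.IsDefined(typeof(Level), level))
            {
                throw new ArgumentException($"Unrecognized level '{value}' in '{token}'.");
            }
            if (ruleId == null) { options.Levels.Add(level); }
            else { options.RuleOverrides[ruleId] = level; }
        }
        return options;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample argument value, split the way a string[] option would arrive.
        var o = LevelOptions.Parse("Error;BadRuleId.Note;CrashingRule.Disabled".Split(';'));
        Console.WriteLine("Levels: " + string.Join(",", o.Levels));
        foreach (var kv in o.RuleOverrides) { Console.WriteLine(kv.Key + " -> " + kv.Value); }
        Console.WriteLine("Disabled: " + string.Join(",", o.DisabledRules));
    }
}
```

A bare `Disabled` token with no rule id is rejected here as an unrecognized level, since the comment only proposes it as a per-rule value.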