nccgroup / sobelow

Security-focused static analysis for the Phoenix Framework
Apache License 2.0

Enable SARIF Report Output #77

Closed josepalafox closed 3 years ago

josepalafox commented 3 years ago

Add SARIF as a supported output format.

SARIF is an OASIS standard JSON format that aims to standardize the format of security alerts so that the data is normalized and can be integrated into a number of other tools.

GitHub supports the SARIF format and enables developers of open source projects and public repositories to view security alerts directly in the GitHub UI.

https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/uploading-a-sarif-file-to-github
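As an added illustration of the SARIF shape the issue asks for (this is example code, not sobelow's own SARIF writer or the code in the linked commit): a small generator that turns constructed findings into a SARIF 2.1.0 log with a rule per distinct rule ID and a result per finding, plus a check of the fields a consumer such as GitHub code scanning needs. The finding field names and rule IDs are assumptions for this example.

```python
import json

# Constructed sample findings; these field names and rule IDs are this example's
# own, not sobelow's. "level" must be one of: none, note, warning, error.
SAMPLE_FINDINGS = [
    {"rule_id": "SQL.Query", "file": "lib/demo/repo.ex", "line": 42,
     "level": "error", "message": "Possible SQL injection via Repo.query"},
    {"rule_id": "XSS.Raw", "file": "lib/demo_web/views/page_view.ex", "line": 7,
     "level": "warning", "message": "XSS possibility via raw/1"},
]

def build_sarif(findings, tool_name="Sobelow"):
    """Return a SARIF 2.1.0 log: one run, one rule per rule_id, one result per finding."""
    rule_index, rules, results = {}, [], []
    for f in findings:
        rid = f["rule_id"]
        if rid not in rule_index:                 # register each rule once
            rule_index[rid] = len(rules)
            rules.append({"id": rid, "shortDescription": {"text": rid}})
        results.append({
            "ruleId": rid, "ruleIndex": rule_index[rid],
            "level": f["level"], "message": {"text": f["message"]},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": f["file"], "uriBaseId": "%SRCROOT%"},
                "region": {"startLine": f["line"]},
            }}],
        })
    return {
        "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
        "version": "2.1.0",
        "runs": [{"tool": {"driver": {"name": tool_name, "rules": rules}},
                  "results": results}],
    }

def validate_sarif(log):
    """Return a list of problems with the fields a SARIF consumer relies on (empty = OK)."""
    problems = []
    if log.get("version") != "2.1.0":
        problems.append("version must be 2.1.0")
    for run in log.get("runs", []):
        driver = run.get("tool", {}).get("driver", {})
        if not driver.get("name"):
            problems.append("tool.driver.name missing")
        rule_ids = {r["id"] for r in driver.get("rules", [])}
        for res in run.get("results", []):
            if not res.get("message", {}).get("text"):
                problems.append("result without message.text")
            if res.get("ruleId") not in rule_ids:   # every result must map to a rule
                problems.append(f"unknown ruleId {res.get('ruleId')}")
    return problems

if __name__ == "__main__":
    print(json.dumps(build_sarif(SAMPLE_FINDINGS), indent=2))
```

The printed document is what would be uploaded to GitHub's code-scanning endpoint as described in the linked docs.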

GriffinMB commented 3 years ago

I need to clean up the help text a bit and improve the sarif tests, but this is now working as expected: https://github.com/GriffinMB/phx_demo/security/code-scanning/4?query=ref%3Arefs%2Fheads%2Fmaster

I should be able to close this out before the end of the weekend.

GriffinMB commented 3 years ago

This is done. Commit here: https://github.com/nccgroup/sobelow/commit/51aa8aaa38eda9b646e20d1178b0344c05e5a79b