sarif
SARIF formatter
This formatter outputs the issues in SARIF formatted JSON.
- Example:
{
"runs": [
{
"tool": {
"driver": {
"name": "Bandit",
"organization": "PyCQA",
"rules": [
{
"id": "B101",
"name": "assert_used",
"properties": {
"tags": [
"security",
"external/cwe/cwe-703"
],
"precision": "high"
},
"helpUri": "https://bandit.readthedocs.io/en/1.7.8/plugins/b101_assert_used.html"
}
],
"version": "1.7.8",
"semanticVersion": "1.7.8"
}
},
"invocations": [
{
"executionSuccessful": true,
"endTimeUtc": "2024-03-05T03:28:48Z"
}
],
"properties": {
"metrics": {
"_totals": {
"loc": 1,
"nosec": 0,
"skipped_tests": 0,
"SEVERITY.UNDEFINED": 0,
"CONFIDENCE.UNDEFINED": 0,
"SEVERITY.LOW": 1,
"CONFIDENCE.LOW": 0,
"SEVERITY.MEDIUM": 0,
"CONFIDENCE.MEDIUM": 0,
"SEVERITY.HIGH": 0,
"CONFIDENCE.HIGH": 1
},
"./examples/assert.py": {
"loc": 1,
"nosec": 0,
"skipped_tests": 0,
"SEVERITY.UNDEFINED": 0,
"SEVERITY.LOW": 1,
"SEVERITY.MEDIUM": 0,
"SEVERITY.HIGH": 0,
"CONFIDENCE.UNDEFINED": 0,
"CONFIDENCE.LOW": 0,
"CONFIDENCE.MEDIUM": 0,
"CONFIDENCE.HIGH": 1
}
}
},
"results": [
{
"message": {
"text": "Use of assert detected. The enclosed code will be removed when compiling to optimised byte code."
},
"level": "note",
"locations": [
{
"physicalLocation": {
"region": {
"snippet": {
"text": "assert True\n"
},
"endColumn": 11,
"endLine": 1,
"startColumn": 0,
"startLine": 1
},
"artifactLocation": {
"uri": "examples/assert.py"
},
"contextRegion": {
"snippet": {
"text": "assert True\n"
},
"endLine": 1,
"startLine": 1
}
}
}
],
"properties": {
"issue_confidence": "HIGH",
"issue_severity": "LOW"
},
"ruleId": "B101",
"ruleIndex": 0
}
]
}
],
"version": "2.1.0",
"$schema": "https://json.schemastore.org/sarif-2.1.0.json"
}
Added in version 1.7.8.