
github.com/chavacava/garif


Package garif defines all the Go structures required to model a SARIF log file. These structures were created from the JSON schema sarif-schema-2.1.0.json for SARIF log files, available at https://github.com/oasis-tcs/sarif-spec/tree/master/Schemata. The package provides constructors for all structures (see constructors.go). These constructors ensure that the returned structure is valid with respect to the JSON schema, and they should be used in place of plain structure instantiation. The root structure is LogFile. The package also provides utility decorators for the most commonly used structures (see decorators.go).



garif

A Go package to create and manipulate SARIF logs.

SARIF (Static Analysis Results Interchange Format) is a standard JSON-based format for the output of static analysis tools, defined and promoted by OASIS.

The currently supported version of the standard is SARIF-v2.1.0.

Usage

The package provides access to every element of the SARIF model, so you are free to manipulate it in every detail.

The package also provides constructor functions (New...) and decorator methods (With...) that simplify the creation of SARIF files for common use cases.

Using these constructors and decorators, we can easily create the example SARIF file from the Microsoft SARIF pages:

import (
	"os"

	"github.com/chavacava/garif"
)

// ...

// Describe the rule that produces the finding.
rule := garif.NewRule("no-unused-vars").
	WithHelpUri("https://eslint.org/docs/rules/no-unused-vars").
	WithShortDescription("disallow unused variables").
	WithProperties("category", "Variables")

// The driver identifies the analysis tool and the rules it defines.
driver := garif.NewDriver("ESLint").
	WithInformationUri("https://eslint.org").
	WithRules(rule)

// A run ties the tool to the artifacts it analyzed.
run := garif.NewRun(garif.NewTool(driver)).
	WithArtifactsURIs("file:///C:/dev/sarif/sarif-tutorials/samples/Introduction/simple-example.js")

// Record one result for the rule, reported at 1, 5 in that file.
run.WithResult(rule.Id, "'x' is assigned a value but never used.", "file:///C:/dev/sarif/sarif-tutorials/samples/Introduction/simple-example.js", 1, 5)

logFile := garif.NewLogFile([]*garif.Run{run}, garif.Version210)

// Write the log as JSON to standard output.
logFile.Write(os.Stdout)
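The package description says the constructors keep structures valid against the SARIF 2.1.0 schema. As an added example (not part of garif or its README), this standard-library-only Go check inspects an emitted log for three things the schema requires (version "2.1.0", a tool.driver.name, a result message with text or id) and cross-checks ruleId against the declared rules. The names `CheckSARIF`, `sarifLog` and `badLog` are made up for this example.

```go
package main

import (
	"encoding/json"
	"fmt"
)

type sarifLog struct {
	Version string // encoding/json matches keys case-insensitively ("version" fills Version)
	Runs    []struct {
		Tool    struct{ Driver struct{ Name string; Rules []struct{ ID string } } }
		Results []struct{ RuleID string; Message struct{ Text, ID string } }
	}
}

// CheckSARIF returns one message per problem found; an empty result means the log passed.
func CheckSARIF(data []byte) (problems []string) {
	var doc sarifLog
	if err := json.Unmarshal(data, &doc); err != nil {
		return []string{"cannot decode: " + err.Error()}
	}
	add := func(f string, a ...any) { problems = append(problems, fmt.Sprintf(f, a...)) }
	if doc.Version != "2.1.0" {
		add("version is %q, want 2.1.0", doc.Version)
	}
	for i, run := range doc.Runs {
		declared := map[string]bool{}
		for _, r := range run.Tool.Driver.Rules {
			declared[r.ID] = true
		}
		if run.Tool.Driver.Name == "" {
			add("runs[%d]: tool.driver.name missing or empty", i)
		}
		for j, res := range run.Results {
			if res.Message.Text == "" && res.Message.ID == "" {
				add("runs[%d].results[%d]: message has neither text nor id", i, j)
			}
			if len(declared) > 0 && res.RuleID != "" && !declared[res.RuleID] { // consistency check, not a schema rule
				add("runs[%d].results[%d]: ruleId %q not declared in driver.rules", i, j, res.RuleID)
			}
		}
	}
	return problems
}

// Constructed sample: wrong version, no driver name, empty message, misspelled ruleId.
const badLog = `{"version":"2.0","runs":[{"tool":{"driver":{"rules":[{"id":"no-unused-vars"}]}},"results":[{"ruleId":"no-unused-var","message":{}}]}]}`

func main() { fmt.Println(CheckSARIF([]byte(badLog))) }
```

A check like this can run in CI on the bytes produced by `logFile.Write` before the log is uploaded to a code-scanning service.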

Why this package?

This package was started during my work on adding a SARIF output formatter to revive. I tried to use go-sarif by Owen Rumney, but it is too focused on the use case of the static analyzer tfsec, so I decided to create a package flexible enough to generate SARIF files in broader cases.

More information about SARIF

For more information about SARIF, you can visit the OASIS Open site.

Contributing

Of course, contributions are welcome!


Last updated on 08 Jun 2023
