-
Notifications
You must be signed in to change notification settings - Fork 668
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SARIF output handler #1726
Comments
That would be super helpful, as more tools are using it, and it can be integrated to other reports easily. |
hi @alfespa17 , our team is looking into your pr, will update you soon. Thank you for your contributions. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently there is an option to generate the output in JSON format that basically print the result array in this part of the code when using the parameter "--json=filename"
Example:
Adding a new output handler using a new parameter "--sarif=filename" could allow to export the result using SARIF format, this will allow to upload the result to any tool that support the specification.
In a high level the new parameter "--sarif=filename" could generate a SARIF file like this example
The command to generate that output could be like:
I already did a small poc creating a new output handler, is not really a big change in the code, it is just creating a new handler similar to the one that generate the JSON format but using the SARIF json structure.
I would like to help with this issue and send a PR if the cloudsploit team think that this feature could be usefull to other people that is currently using this tool.
The text was updated successfully, but these errors were encountered: