зеркало из https://github.com/github/docs.git
Missing originalUriBaseIds property from the SARIF specification (#35043)
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
This commit is contained in:
Родитель
9f36ca3562
Коммит
aec2b02ee0
|
@ -313,6 +313,86 @@ This SARIF output file has example values to show the minimum required propertie
|
|||
}
|
||||
```
|
||||
|
||||
### Relative URI Guidance for SARIF Producers
|
||||
|
||||
This SARIF output file has example of values for the field `originalUriBaseIds`, showing the minimum required properties a SARIF producer should include when using relative URI references.
|
||||
|
||||
{% note %}
|
||||
|
||||
**Note:** While this property is not required by {% data variables.product.prodname_dotcom %} for the {% data variables.product.prodname_code_scanning %} results to be displayed correctly, it is required to produce a valid SARIF output when using relative URI references.
|
||||
|
||||
{% endnote %}
|
||||
|
||||
```json
|
||||
{
|
||||
"$schema": "https://json.schemastore.org/sarif-2.1.0.json",
|
||||
"version": "2.1.0",
|
||||
"runs": [
|
||||
{
|
||||
"tool": {
|
||||
"driver": {
|
||||
"name": "Tool Name",
|
||||
"rules": [
|
||||
{
|
||||
"id": "R01"
|
||||
...
|
||||
"properties" : {
|
||||
"id" : "java/unsafe-deserialization",
|
||||
"kind" : "path-problem",
|
||||
"name" : "...",
|
||||
"problem.severity" : "error",
|
||||
"security-severity" : "9.8",
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"originalUriBaseIds": {
|
||||
"PROJECTROOT": {
|
||||
"uri": "file:///C:/Users/Mary/code/TheProject/",
|
||||
"description": {
|
||||
"text": "The root directory for all project files."
|
||||
}
|
||||
},
|
||||
"%SRCROOT%": {
|
||||
"uri": "src/",
|
||||
"uriBaseId": "PROJECTROOT",
|
||||
"description": {
|
||||
"text": "The root of the source tree."
|
||||
}
|
||||
}
|
||||
},
|
||||
"results": [
|
||||
{
|
||||
"ruleId": "R01",
|
||||
"message": {
|
||||
"text": "Result text. This result does not have a rule associated."
|
||||
},
|
||||
"locations": [
|
||||
{
|
||||
"physicalLocation": {
|
||||
"artifactLocation": {
|
||||
"uri": "fileURI",
|
||||
"uriBaseId": "%SRCROOT%"
|
||||
},
|
||||
"region": {
|
||||
"startLine": 2,
|
||||
"startColumn": 7,
|
||||
"endColumn": 10
|
||||
}
|
||||
}
|
||||
}
|
||||
],
|
||||
"partialFingerprints": {
|
||||
"primaryLocationLineHash": "39fa2ee980eb94b0:1"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
### Example showing all supported SARIF properties
|
||||
|
||||
This SARIF output file has example values to show all supported SARIF properties for {% data variables.product.prodname_code_scanning %}.
|
||||
|
|
Загрузка…
Ссылка в новой задаче