Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

idea: add sarif output format #2866

Closed
ZyanKLee opened this issue May 20, 2022 · 2 comments · Fixed by #4723
Closed

idea: add sarif output format #2866

ZyanKLee opened this issue May 20, 2022 · 2 comments · Fixed by #4723
Labels
area: output Related to issue output enhancement New feature or improvement

Comments

@ZyanKLee
Copy link

Your feature request related to a problem? Please describe.

SARIF is becoming the de-facto industry standard for SAST scanning results. Several tools already support it, like for example gitlab, github and more.

When adding the golangci-lint action on github I was missing an option to choose SARIF as output format to allow github to import any findings into the security tab or as a check result set in pullrequests.

Using the action in its current form does not seem to satisfyingly link findings to their actual locations in the code.

Describe the solution you'd like.

I'd like to see a SARIF output format (output.format: sarif) and ideally an option to define an output file name.

Describe alternatives you've considered.

  • Using the action in its current form and live with the shortcomings.
  • Search for an alternative tool.

Additional context.

No response
@ZyanKLee ZyanKLee added the enhancement New feature or improvement label May 20, 2022
@boring-cyborg
Copy link

boring-cyborg bot commented May 20, 2022

Hey, thank you for opening your first Issue ! 🙂 If you would like to contribute we have a guide for contributors.

@nvuillam
Copy link

This would make much powerful the integration of golangci-lint within MegaLinter :)

@ldez ldez added area: output Related to issue output help wanted Issue that needs help from a contributor labels Mar 3, 2024
@SophisticaSean SophisticaSean mentioned this issue May 16, 2024
Merged
@ldez ldez removed the help wanted Issue that needs help from a contributor label Oct 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area: output Related to issue output enhancement New feature or improvement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support Sarif output SophisticaSean/golangci-lint
3 participants
@ZyanKLee @ldez @nvuillam