SARIF

OASIS Static Analysis Results Interchange Format (SARIF). SARIF is supported by many tools. More details about the format here: https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=sarif

Support for de-duplication (fingerprinting)

SARIF parser take into account data for fingerprinting. It’s base on fingerprints and partialFingerprints properties. It’s possible to activate de-duplication based on this data by customizing settings.

# in your settings.py file
DEDUPLICATION_ALGORITHM_PER_PARSER["SARIF"] = DEDUPE_ALGO_UNIQUE_ID_FROM_TOOL_OR_HASH_CODE

Sample Scan Data

Sample SARIF scans can be found here.

Last modified February 5, 2024: Update versions (738dca4)