There is 1 repository under the sarif topic.
⚙️ Scan your Go, Java, Kotlin, PHP, Python, JavaScript, TypeScript, .NET projects at GitHub with Qodana. This repository contains Qodana for Azure, GitHub, CircleCI and Gradle
User-friendly documentation for the SARIF file format.
Corax for Java: A general static analysis framework for Java code checking.
Lint, format and auto-fix your Groovy / Jenkinsfile / Gradle files using the command line
🔧 JetBrains Qodana’s official command line tool
♿ Suite of open and standards-based tools for performing reliable accessibility conformance testing at scale
A React-based component for viewing SARIF files.
Go library for sarif - Static Analysis Results Interchange Format
vexctl is a tool to attest VEX impact statements
🐚 GitHub Action for running ShellCheck differentially
GitHub Action for filtering Code Scanning alerts by path and id
GitHub issue manager from vulnerability scan results for private repositories
Machine output for Mix tasks
Combine multiple popular Python security tools and generate reports or output into different formats
☕️ Java library for working with SARIF files by Qodana team
A template repository to help you get started with Code Scanning on GitHub
SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results
An Azure DevOps extension encapsulating the SARIF Web Component.
JS/TS library to easily build valid SARIF output from your JavaScript-based SAST tools
A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow
Validate your IAM Policies and SCPs with AWS Policy Validator, and convert those results into SARIF documents for reporting.
PHP code and supporting files for working with the Static Analysis Results Interchange Format (SARIF, see https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html)
Adapters and tools for lintrunner
🚧 Kotlin bindings for SARIF file format (NOT READY YET)
SSC parser plugin for SARIF input files
Run this GitHub action to validate your Kubernetes resources with the Monokle SARIF validator.
Converts Azure Container Scan Action output to SARIF, for an easier integration with tools like GitHub Code Scanning
Bring-your-own PR annotations to any tool which outputs SARIF
A tool to map source code elements to IR elements.