felickz/awesome-sarif

🚧 The start of something awesome for SARIF...

awesome-sarif

🚧 The start of something awesome for SARIF...

GitHub Advanced Security SARIF

• Partner Documentation: Integrating with Code Scanning
• PartialFingerprints implementation - TypeScript implementation of a hash method that computes a rolling hash for every line in the input.

SARIF Viewers

• React SARIF Viewer - A React-based component for viewing SARIF files.
• VSCode SARIF Viewer - Adds support for viewing SARIF logs
• Visual Studio SARIF Viewer - Visual Studio Static Analysis Results Interchange Format (SARIF) log file viewer
• JetBrains SARIF Viewer - SARIF viewer to view the results of static analysis tools in the IDE (Compatible with IntelliJ IDEA, Android Studio, AppCode, Aqua, CLion, DataGrip, DataSpell, GoLand, MPS, PhpStorm, PyCharm (Professional, Community), Rider, RubyMine, RustRover, WebStorm)
• Azure DevOps SARIF SAST Scans Tab - Adds a 'Scans' tab to each Build Result and Work Item for viewing associated SARIF SAST logs.
• sarif-fmt - View (pretty print) SARIF files in terminal

SARIF Validation

• SARIF Validator - View and validate your SARIF (GitHub ingestion rules + Azure DevOps ingestion rules)

SARIF Tools

• sarifweb.azurewebsites.net - A collection of tools offering facilities for producing, consuming, and validating files in the SARIF format.
• hohn/sarif-cli - Command line tools for working with SARIF files. The main tools are: sarif-extract-scans-runner, sarif-aggregate-scans,sarif-create-aggregate-report.