sarif
There are 62 repositories under sarif topic.
microsoft/sarif-tutorials
User-friendly documentation for the SARIF file format.
JetBrains/qodana-action
⚙️ Scan your Go, Java, Kotlin, PHP, Python, JavaScript, TypeScript, .NET projects at GitHub with Qodana. This repository contains Qodana for Azure, GitHub, CircleCI and Gradle
Feysh-Group/corax-community
Corax for Java: A general static analysis framework for java code checking.
nvuillam/npm-groovy-lint
Lint, format and auto-fix your Groovy / Jenkinsfile / Gradle files using command line
JetBrains/qodana-cli
🔧 JetBrains Qodana’s official command line tool
AppThreat/sast-scan
Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
Siteimprove/alfa
:wheelchair: Suite of open and standards-based tools for performing reliable accessibility conformance testing at scale
microsoft/sarif-web-component
A React-based component for viewing SARIF files.
psastras/sarif-rs
A group of Rust projects for interacting with the SARIF format
owenrumney/go-sarif
Go library for sarif - Static Analysis Results Interchange Format
redhat-plumbers-in-action/differential-shellcheck
🐚 GitHub Action for running ShellCheck differentially
chainguard-dev/vex
vexctl is a tool to attest VEX impact statements
advanced-security/filter-sarif
GitHub Action for filtering Code Scanning alerts by path and id
m-mizutani/vulnivore
GitHub issue manager from vulnerability scan results for private repositories
trailofbits/vscode-sarif-explorer
SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results
hauleth/mix_machine
Machine output for Mix tasks
Vulnetix/vulnetix
Automate vulnerability triage which prioritizes remediation over discovery
JetBrains/qodana-sarif
☕️ Java library for working with SARIF files by Qodana team
nvuillam/node-sarif-builder
JS/TS library to easily build valid SARIF output from your javascript based SAST tools
FHPythonUtils/SimpleSecurity
Combine multiple popular python security tools and generate reports or output into different formats
jbelien/phpstan-sarif-formatter
SARIF formatter for PHPStan
advanced-security/monorepo-filtering-workaround
A monorepo filtering workaround for GitHub Advanced Security Code Scanning using renaming of the scanning tool in an Actions workflow
swinton/code-scanning-playground
A template repository to help you get started with Code Scanning on GitHub
llaville/sarif-php-sdk
PHP code and supporting files for working with the Static Analysis Results Interchange Format (SARIF, see https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html)
microsoft/sarif-azuredevops-extension-legacy
An Azure DevOps extension encapsulating the SARIF Web Component.
georgealton/iam-sarif-report
Validate your IAM Policies and SCPs with AWS Policy Validator, and convert those results into SARIF documents for reporting.
chavacava/garif
A GO package to create and manipulate SARIF logs
dector/sarif-kotlin
:construction: Kotlin bindings for SARIF file format (NOT READY YET)
justinchuby/lintrunner-adapters
Adapters and tools for lintrunner
kubeshop/monokle-action
Run this GitHub action to validate your Kubernetes resources with the Monokle SARIF validator.
rm3l/container-scan-to-sarif
Converts Azure Container Scan Action output to SARIF, for an easier integration with tools like GitHub Code Scanning
airtower-luna/convert-to-sarif
Action to convert static analysis data to SARIF
eliblock/less-advanced-security
Bring-your-own PR annotations to any tool which outputs sarif
fortify/fortify-ssc-parser-sarif
SSC parser plugin for SARIF input files
davidmalcolm/sarif-dump
Python module for dumping SARIF logfiles in human-readable form