Support SARIF
The Static Analysis Results Interchange Format (SARIF) is an industry standard format for the output of static analysis tools ^1. See a user-friendly documentation for the SARIF file format ^2.
This page contains tools that support SARIF format and thus can be easily integrated in CI.
- Tracked in another place
- GitLab, Issue#118496
- Clang Analyzer, pull-request
- Clang
- CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Issue#4036.
- Codespell, Issue#1455
- CTest, Issue#23486
- CBMC (cbmc-viewer), PR#8835 adds an option
--sarif-ui, Issue#149 - LuaCheck
- Mull, Issue#953
- pip-audit
- https://github.com/microsoft/sarif-sdk/tree/master/src/Sarif.Converters
- ReviewDog converts popular output formats to SARIF.
- SARIF Tools - is set of command line tools and Python library for working with SARIF files.
- JUnit
- sarif-junit aims to convert a SARIF output file from a linter to a JUnit XML output file. It could be used inside GitLab to show which tests are failing in the CI/CD pipeline.
- HTML, https://github.com/microsoft/sarif-web-component
Learning
- Glossary
- Translation
- Books:
- Courses
- Learning Tools
- Bugs And Learned Lessons
- Cheatsheets
Tools / Services / Tests
- Code complexity
- Quality Assurance Tools
- Test Runners
- Testing-As-A-Service
- Conformance Test Suites
- Test Infrastructure
- Fault injection
- TTCN-3
- Continuous Integration
- Speedup your CI
- Performance
- Formal Specification
- Toy Projects
- Test Impact Analysis
- Formats
Functional testing
- Automated testing
- By type:
WIP sections
Community
Links