History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: QB-3186
Type: New Feature New Feature
Status: Open Open
Priority: Major Major
Assignee: Steve Luo
Reporter: Scott Hunter
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
QuickBuild

Add support for SARIF format reports created by Roslyn Analyzers

Created: 25/May/18 06:51 PM   Updated: 29/Jan/19 08:31 PM
Component/s: None
Affects Version/s: 8.0.5
Fix Version/s: None

Original Estimate: Unknown Remaining Estimate: Unknown Time Spent: Unknown


 Description  « Hide
Roslyn Analyzers are the replacement for FxCop code analysis. Output from these analyzers is produced in a JSON format called SARIF. These reports should be able to be published as a report similar to the existing FxCop report.

Here the Roslyn team describes how reports are produced: https://github.com/dotnet/roslyn/issues/430

Here is the SARIF spec: https://github.com/sarif-standard/sarif-spec

 All   Comments   Work Log   Change History      Sort Order:
[ Permlink | « Hide ]
Scott Hunter [29/Jan/19 08:31 PM]
I don't have any samples myself, but you may be able to find sample files on GitHub. I found these:

https://github.com/laedit/vika/blob/master/src/NVika.Tests/Data/static-analysis.sarif.json

and

https://github.com/SonarSource/sonar-dotnet/tree/master/sonar-dotnet-shared-library/src/test/resources/SarifParserTest

(note I am not associated with these projects, I just found them by searching GitHub)

[ Permlink | « Hide ]
Steve Luo [29/Jan/19 04:20 AM]
Hi,

Would you please attach some sample reports here or you can also send the reports to me (steve at pmease) by email?


Powered by Atlassian JIRA™ the Professional Issue Tracker. (Standard Edition, Version: 3.7.4-#189) - Bug/feature request - Contact Administrators