Jeeppler

@h3xstream > The SARIF is however implemented in https://github.com/spotbugs/spotbugs does that mean I should open the issue for the SARIF taxonomy in the SpotBugs repo?

@h3xstream I would like to contribute the SARIF taxonomy feature, but I need some directions where to start.

@h3xstream thanks. I will have a look 👍

@h3xstream the new [SpotBugs 4.8.0 release](https://github.com/spotbugs/spotbugs/releases/tag/4.8.0) contains the CWE taxonomy for the SARIF report. Now, what is needed is a new release of Find Security Bugs using SpotBugs 4.8.0.

@gabriel-cx thank you for the fast response.

@anterosilva1985 thanks for the information.

A useful feature would be formatting.