shellcheck icon indicating copy to clipboard operation
shellcheck copied to clipboard

Published 20 hours ago verified publisher icon koalaman

Provide SARIF Output ?

Open nvuillam opened this issue 2 years ago • 5 comments

Hi, is it in the roadmap to make shellcheck provide SARIF output ? (SARIF is the OASIS common format for all analysis tools )

It would help improve its integration within MegaLinter :)

Best regards

nvuillam avatar Dec 07 '21 22:12 nvuillam

This format appears to be very specific to GitHub and highly over-engineered, so it's not currently in a state where I'd want to support it upstream. This issue can be left open in case that changes though.

koalaman avatar Dec 12 '21 00:12 koalaman

Thanks for your response It seems it really is becoming the standard output for all type of linters, not just for GitHub stuff ^^

Thanks for letting it open in case someone would like to make a PR :)

nvuillam avatar Dec 12 '21 00:12 nvuillam

@koalaman i am also looking forward for SARIF support from shellcheck

nishwalshetty avatar Apr 04 '22 07:04 nishwalshetty

I would love to see native SARIF support in ShellCheck, but I also know how complex the format specification is.

Maybe something to note is that there are at least two GitHub actions that can output ShellCheck findings in SARIF format:

jamacku avatar Sep 03 '22 18:09 jamacku

SARIF is by large becoming a standard with a reach far beyond github. It is being used by lint aggregators and dashboards (eg we are adding SARIF support to CodeChecker).

dgutson avatar Sep 12 '22 16:09 dgutson