Closed
Labels
area: output (Related to issue output), enhancement (New feature or improvement)
Description
Your feature request related to a problem? Please describe.
SARIF is becoming the de-facto industry standard for SAST scanning results. Several tools already support it, like for example GitLab, GitHub and more.
When adding the golangci-lint action on GitHub I was missing an option to choose SARIF as output format to allow GitHub to import any findings into the security tab or as a check result set in pull requests.
Using the action in its current form does not seem to satisfyingly link findings to their actual locations in the code.
Describe the solution you'd like.
I'd like to see a SARIF output format (output.format: sarif) and ideally an option to define an output file name.
Describe alternatives you've considered.
- Using the action in its current form and live with the shortcomings.
- Search for an alternative tool.
Additional context.
No response
Activity
boring-cyborg commented on May 20, 2022
Hey, thank you for opening your first Issue! 🙂 If you would like to contribute we have a guide for contributors.
nvuillam commented on Sep 10, 2022
This would make the integration of golangci-lint within MegaLinter much more powerful :)