-
-
Notifications
You must be signed in to change notification settings - Fork 898
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Sarif Output Format #5973
Comments
Hi, thank you for this suggestion, I'd appreciate if you'd contribute it yourself. Implementing a custom error formatter is really easy: https://phpstan.org/developing-extensions/error-formatters |
My implementation is over with basic unit tests (1 PASSED, 1 FAILED) following JsonErrorFormatter, and results LGTM. I'll propose a PR tomorrow ! Here are some preview when analyze PHPStan code code
results
|
PR phpstan/phpstan-src#765 available |
Any chance this could be re-open (since phpstan/phpstan-src#765 has been closed) ? It would be really neat to have SARIF as output format so we can use PHPStan as Code Scanning Tool in GitHub (uploaded with https://github.com/github/codeql-action/blob/main/upload-sarif/action.yml) |
EDIT: No it doesn't seem to be SARIF format. |
There's now a package you can use: https://github.com/jbelien/phpstan-sarif-formatter |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Feature request
SARIF (Static Analysis Results Interchange Format) is an OASIS Standard that defines an output file format. The SARIF standard is used to streamline how static analysis tools share their results by implementing a subset of the SARIF 2.1.0 JSON schema.
I'd like to see a new sarif output format in PHPStan.
Other Static Tool Analysers like
Because I don't found any PHP library that support SARIF v2 specifications, I've published a PHP SDK as a new bartlett/sarif-php-sdk package already available on packagist that implement the full v2.1.0 specifications.
There are many examples of all Sarif objects, in my github project page, that make it easy to include in any other PHP Static Tool Analyser.
Your feedbacks are welcome !
The text was updated successfully, but these errors were encountered: