sarif-sdk

The SARIF SDK contains .NET code and supporting files for working with the Static Analysis Results Interchange Format (SARIF). For more information about SARIF, see the SARIF Home Page. You can read the SARIF specification, or file issues in the SARIF GitHub repo.

Getting started

To add the SARIF SDK to your project, install the Sarif.Sdk NuGet package. Sarif.Sdk depends on Newtonsoft.Json, which is installed automatically when you install Sarif.Sdk.

The types in the SARIF SDK are in the Microsoft.CodeAnalysis.Sarif namespace.

The SARIF SDK provides a set of classes which represent the elements of the SARIF format. We refer to this as the "SARIF object model". The root type that represents a SARIF log file is SarifLog. Other types in the SARIF object model are Result, PhysicalLocation, etc..

Note: The SARIF SDK's build process automatically generates the SARIF object model classes from the SARIF JSON schema, which you can find at src/Sarif/Schemata/sarif-schema.json. Although these files do exist in the repo (under src/Sarif/Autogenerated), you should never edit them by hand.

In addition to the object model, the SARIF SDK provides a set of helper classes to facilitate using Newtonsoft.Json to read and write SARIF log files.

Building the SDK

If you want to build the SDK from source, rather than consuming the NuGet package, proceed as follows:

Install .NET Core SDK 2.0 from https://www.microsoft.com/net/download/core
Ensure that Visual Studio 2017 is installed on your machine.

You can build in VS 2017, but at present the build requires certain assemblies that are supplied only in VS 2015, so it must be present.
Ensure that your Visual Studio installation includes the components that support
- C# development
- C++ development
- Visual Studio extension (VSIX) development
Open a Visual Studio 2017 Developer Command Prompt Window.
From the root directory of your local repo, run the command BuildAndTest.cmd. This restores all necessary NuGet packages, builds the SDK, and runs all the tests.

All build output appears in the bld\ subdirectory of the repo root directory.

NOTE: You must run BuildAndTest.cmd once before attempting to build in Visual Studio, to ensure that all required NuGet packages are available.
After you have run BuildAndTest.cmd once, you can open any of the solution files in the src\ directory in Visual Studio 2017, and build them by running Rebuild Solution.

Installing VISUAL STUDIO SARIF VIEWER EXTENSION

Run BuildAndTest.ps1 to
- Build,
- Install the SARIF Visual Studio Extension and
- Add Registry settings to open the .SARIF in Visual Studio.

Accomplishing common tasks

To learn how to accomplish common tasks with the SARIF SDK, such as reading and writing files from disk, see the How To page.

Code of conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information, see the Code of Conduct FAQ, or contact opencode@microsoft.com with any additional questions or comments.

Name		Name	Last commit message	Last commit date
Latest commit History 2,647 Commits
.nuget		.nuget
appveyor		appveyor
docs		docs
scripts		scripts
src		src
.gitattributes		.gitattributes
.gitignore		.gitignore
BeforeBuild.sh		BeforeBuild.sh
BuildAndTest.cmd		BuildAndTest.cmd
BuildPackagesFromLayoutDirectory.cmd		BuildPackagesFromLayoutDirectory.cmd
DelistCurrentPackages.cmd		DelistCurrentPackages.cmd
GeneratedKey.snk		GeneratedKey.snk
LICENSE		LICENSE
NuGet.Config		NuGet.Config
PublishSignedPackages.cmd		PublishSignedPackages.cmd
README.md		README.md
RunTests.cmd		RunTests.cmd
appveyor.yml		appveyor.yml
dotnet-install.ps1		dotnet-install.ps1
triskelion.png		triskelion.png

License

pascalberger/sarif-sdk

Folders and files

Latest commit

History

Repository files navigation

sarif-sdk

Getting started

Building the SDK

Installing VISUAL STUDIO SARIF VIEWER EXTENSION

Accomplishing common tasks

Code of conduct

About

Resources

License

Stars

Watchers

Forks

Languages