Exporting alerts as SARIF
You can export the LGTM alerts displayed on screen to a SARIF file. You may want to do this to see the alerts in your code, using a source code editor such as Microsoft Visual Studio or Microsoft Visual Studio Code. (For Visual Studio, you can download and install the free Microsoft SARIF Viewer extension.)
You can export to SARIF from two places in LGTM: the project Alerts and Files pages. The contents of the export—that is, the metadata of the corresponding queries—are controlled by the alert filters you set on the page (for more information on filters, see Alert filtering) and the data that gets exported depends on the page itself:
- Alerts page—exporting alerts from this page exports alerts that match the current filters.
- Files page—exporting alerts from this page exports alerts that match the current filters, and that are located inside the current subdirectory (recursively).
To export the displayed LGTM alerts to a SARIF file:
- Open LGTM.
- Select your project.
- Navigate to the Files page or the Alerts page for your project.
- Click Export alerts (right side). The screenshot below shows where to find the button on the Files page (). A brief message stating "Preparing to export alerts" is displayed. The waiting time may be longer for projects with a large number of alerts.
- Depending on the web browser you are using, you may be asked where you want to save the SARIF file, or it may be saved in your usual area for downloads. The filename is of the following format:
<project name>__<export date+time>__export.sarif.
- Open the SARIF file in Visual Studio Code or another SARIF viewer. You'll need to map the source files to the correct file in your project.
Note that any suppressed alerts that meet the export requirements you've set are included in the export. These are marked as suppressed in the SARIF file. For more information on how alerts can be suppressed in LGTM, see Alert suppression.