Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space SDmaster and version 1.24

...

The QL command-line tools are able to produce multiple versions of SARIF. For further information on selecting a file format for your analysis results, see analyzeSnapshot.  You can also download results from LGTM in sarifv2.1.0 format. For further information on exporting results from LGTM, seeExporting alerts to SARIFin the LGTM help.

...

The output produced for a given specific format type (for example  sarifv2.1.0) may change in future Semmle releases. We will endeavour endeavor to maintain backwards compatibility with consumers of the generated SARIF by ensuring that:

...

JSON property nameWhen is this generated?Notes
nameAlways

Set to “Semmle Core” for output from the QL command-line tools. Note, if the output was generated using a different tool a different name is reported, and the format may not be as described here.

productSuiteorganizationAlwaysSet to “Semmle”.
versionAlwaysSet to the Semmle release version e.g. “1.20.2”.
rulesAlwaysAn array of reportingDescriptor objects that represent rules. This array will contain, at a minimum, all the rules that were run during this analysis, but may contain rules which were available but not run. For more detail about enabling queries, see defaultConfiguration.

...

JSON property nameWhen is this generated?Notes
charOffsetAlwaysOptionallyProvided if startLinestartColumnendLine, and endColumn are not populated
charLengthAlwaysOptionallyProvided if startLinestartColumnendLine, and endColumn are not populated
snippetOptionally

...