Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added SARIF support to the CLI #43

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Added SARIF support to the CLI #43

wants to merge 1 commit into from

Conversation

obarrera
Copy link

No description provided.

@obarrera obarrera requested a review from a team as a code owner January 24, 2025 19:14
@obarrera obarrera requested review from bcomnes and nolanlawson and removed request for a team January 24, 2025 19:14
@github-actions GitHub Actions
Copy link

Version Check Failed

Please increment...

@github-actions GitHub Actions
Copy link

🚀 Preview package published!

Install with:

pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple socketsecurity==1.0.42.dev431

Docker image: socketdev/cli:pr-43

dacoburn
dacoburn approved these changes Jan 25, 2025
View reviewed changes
Copy link
Collaborator

@dacoburn dacoburn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall looks good, just have the one comment/question. Also update the following to the next version (1.0.43)

socket-python-cli/socketsecurity/__init__.py

Line 2 in 8b04089

__version__ = '1.0.42'

socketsecurity/socketcli.py
@@ -188,6 +196,25 @@ def output_console_comments(diff_report: Diff, sbom_file_name: str = None) -> No
else:
log.info("No New Security issues detected by Socket Security")

def output_console_sarif(diff_report: Diff, sbom_file_name: str = None) -> None:
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@obarrera is the intention to replace printing out to the console for JSON or table format or to have it save to a file? Right now this would replace JSON/TABLE output and print out in sarig format. The other option is still do the normal output and save a file for sarif. This definitely works but I'm not sure what is better as I haven't played with sending to Github.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dacoburn dacoburn dacoburn approved these changes

@bcomnes bcomnes Awaiting requested review from bcomnes bcomnes is a code owner automatically assigned from SocketDev/eng

@nolanlawson nolanlawson Awaiting requested review from nolanlawson nolanlawson is a code owner automatically assigned from SocketDev/eng

@flowstate flowstate Awaiting requested review from flowstate

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@obarrera @dacoburn