Added sarif template (#558)

* Added sarif template

* Updated readme

* fixed tests

* Added integration tests and fixed all sarif validations issues

* Added tests for endWithPeriod

* Fixed tests, and added sarif golden file

* removed optional newline sequence
rahul2393
2020-07-17 23:38:50 +05:30
committed by GitHub
parent 4f90b114ea
commit 43085a80bc
6 changed files with 226 additions and 0 deletions

64
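--- a/contrib/sarif.tpl
+++ b/contrib/sarif.tpl
@@ -0,0 +1,64 @@
+{
+"$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
+"version": "2.1.0",
+"runs": [
+{
+"tool": {
+"driver": {
+"name": "Trivy: Vulnerability Scanner for Containers",
+"rules": [
+{{- $t_first := true }}
+{{- range . }}
+{{- range .Vulnerabilities -}}
+{{- if $t_first -}}
+{{- $t_first = false -}}
+{{ else -}}
+,
+{{- end }}
+{
+"id": "[{{ .Vulnerability.Severity }}] {{ .VulnerabilityID }}",
+"name": "container_scanning",
+"shortDescription": {
+"text": {{ printf "error found in package %s." (print .PkgName .Title ) | printf "%q" }}
+},
+"fullDescription": {
+"text": {{ endWithPeriod .Description | printf "%q" }}
+},
+"defaultConfiguration": null,
+"properties": {
+"tags": [
+"{{ .PkgName }}"
+],
+"precision": "very-high"
+}
+}
+{{- end -}}
+{{- end -}}
+]
+}
+},
+"results": [
+{{- $t_first := true }}
+{{- range . }}
+{{- range $index, $vulnerability := .Vulnerabilities -}}
+{{- if $t_first -}}
+{{- $t_first = false -}}
+{{ else -}}
+,
+{{- end }}
+{
+"ruleId": "[{{ $vulnerability.Vulnerability.Severity }}] {{ $vulnerability.VulnerabilityID }}",
+"ruleIndex": {{ $index }},
+"level": "error",
+"message": {
+"text": {{ endWithPeriod $vulnerability.Description | printf "%q" }}
+},
+"locations": []
+}
+{{- end -}}
+{{- end -}}
+],
+"columnKind": "utf16CodeUnits"
+}
+]
+}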
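Review bot: `{{ .PkgName }}` in `tags` and the `id`/`ruleId` strings are interpolated into JSON string literals with no escaping, while the description fields beside them go through `printf "%q"`. Package names and advisory IDs originate from the scanned artifact and the vulnerability database, so a quote or backslash in one of them produces invalid or restructured SARIF that the consumer may reject or misread; assuming the template is rendered with text/template, nothing escapes them automatically. At minimum quote them the same way, e.g. `{{ .PkgName | printf "%q" }}` and `"id": {{ printf "[%s] %s" .Vulnerability.Severity .VulnerabilityID | printf "%q" }}`; note that `%q` emits Go escapes such as `\x1b` that JSON does not accept, so a JSON-encoding helper registered next to `endWithPeriod` would be the robust form. Separately, `"ruleIndex": {{ $index }}` restarts at 0 for every outer `range .` element while `rules` is one flattened array, so results for the second and later targets point at the wrong rule.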