sarifs_status
Overview
| Name | sarifs_status |
| Type | Resource |
| Id | github.code_scanning.sarifs_status |
Fields
| Name | Datatype | Description |
|---|---|---|
errors | array | Any errors that ocurred during processing of the delivery. |
processing_status | string | pending files have not yet been processed, while complete means results from the SARIF have been stored. failed files have either not been processed at all, or could only be partially processed. |
analyses_url | string | The REST API URL for getting the analyses associated with the upload. |
Methods
| Name | Accessible by | Required Params | Description |
|---|---|---|---|
get_sarif | SELECT | owner, repo, sarif_id | Gets information about a SARIF upload, including the status and the URL of the analysis that was uploaded so that you can retrieve details of the analysis. For more information, see "Get a code scanning analysis for a repository." You must use an access token with the security_events scope to use this endpoint with private repos, the public_repo scope also grants permission to read security events on public repos only. GitHub Apps must have the security_events read permission to use this endpoint. |
upload_sarif | EXEC | owner, repo, data__commit_sha, data__ref, data__sarif | Uploads SARIF data containing the results of a code scanning analysis to make the results available in a repository. You must use an access token with the security_events scope to use this endpoint for private repositories. You can also use tokens with the public_repo scope for public repositories only. GitHub Apps must have the security_events write permission to use this endpoint.There are two places where you can upload code scanning results. - If you upload to a pull request, for example --ref refs/pull/42/merge or --ref refs/pull/42/head, then the results appear as alerts in a pull request check. For more information, see "Triaging code scanning alerts in pull requests."- If you upload to a branch, for example --ref refs/heads/my-branch, then the results appear in the Security tab for your repository. For more information, see "Managing code scanning alerts for your repository."You must compress the SARIF-formatted analysis data that you want to upload, using gzip, and then encode it as a Base64 format string. For example:<br />gzip -c analysis-data.sarif \| base64 -w0<br />SARIF upload supports a maximum of 5000 results per analysis run. Any results over this limit are ignored and any SARIF uploads with more than 25,000 results are rejected. Typically, but not necessarily, a SARIF file contains a single run of a single tool. If a code scanning tool generates too many results, you should update the analysis configuration to run only the most important rules or queries. The 202 Accepted, response includes an id value.You can use this ID to check the status of the upload by using this for the /sarifs/{sarif_id} endpoint.For more information, see "Get information about a SARIF upload." |