sl sarif export

The sarif export command exports Qwiet findings in the Static Analysis Results Interchange Format (SARIF). It is primarily designed for importing findings into GitHub Code Scanning.

Usage

To run: sl sarif export [command options]

Command options

For easy reuse in future analyses, you can store some command-related information as environment variables (the corresponding environment variable is listed in the table below). Note that values set via environment variables override those set in a configuration file and are, in turn, overridden by those specified via command-line flags.

| Option | Environment variable | Description |
| --- | --- | --- |
| --report-file <path> | | Path to store the generated SARIF report (default: output.sarif) |
| --scan <ID> | | The scan ID to use for fetching findings |
| --app <name> or -a <name> | SHIFTLEFT_APP=<name> | The name of the application the analysis is for |
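
Before handing the exported report to GitHub Code Scanning, a CI step can sanity-check its structure. The following is an added example, not Qwiet's code: check_sarif and the sample log are hypothetical and constructed here, and the checks rely only on general SARIF 2.1.0 structure, not on anything specific to the sl output.

```python
import json
from collections import Counter

# Constructed sample shaped like a minimal SARIF 2.1.0 log; not real tool output.
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "example-tool"}},
        "results": [
            {"ruleId": "RULE-1", "level": "error",
             "message": {"text": "constructed finding"},
             "locations": [{"physicalLocation": {
                 "artifactLocation": {"uri": "src/app.py"},
                 "region": {"startLine": 12}}}]},
            {"ruleId": "RULE-1", "message": {"text": "finding without a location"}},
        ],
    }],
})

def check_sarif(text):
    """Return (problems, counts by level) for a SARIF log passed as a JSON string."""
    problems, levels = [], Counter()
    try:
        log = json.loads(text)
    except ValueError as exc:
        return [f"not valid JSON: {exc}"], levels
    if not isinstance(log, dict):
        return ["top level is not a JSON object"], levels
    if log.get("version") != "2.1.0":
        problems.append(f"unexpected SARIF version: {log.get('version')!r}")
    runs = log.get("runs")
    if not isinstance(runs, list) or not runs:
        return problems + ["no runs in report"], levels
    for r, run in enumerate(runs):
        if not run.get("tool", {}).get("driver", {}).get("name"):
            problems.append(f"run {r}: missing tool.driver.name")
        for i, res in enumerate(run.get("results", [])):
            # Simplification: an absent level is counted as "warning", SARIF's final default.
            levels[res.get("level", "warning")] += 1
            msg = res.get("message", {})
            if not (msg.get("text") or msg.get("id")):
                problems.append(f"run {r} result {i}: no message")
            locs = res.get("locations") or []
            uri = (locs[0].get("physicalLocation", {})
                   .get("artifactLocation", {}).get("uri")) if locs else None
            if not uri:  # such a result cannot be tied to a line of code
                problems.append(f"run {r} result {i}: no file location")
    return problems, levels

if __name__ == "__main__":
    print(check_sarif(SAMPLE_SARIF))
```

In a pipeline, pass the contents of the file written by --report-file (output.sarif by default) to check_sarif and fail the job when the problems list is not empty.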