package sarif
Install
Dune Dependency
Authors
Maintainers
Sources
md5=f212bf4c34f8b931e8b9f369c5b4962a
sha512=3bb07935f827d002d8f3f6ef349a1a2be5e682765505814f7a6ba3ab3156ab6b0421941428c2bdfc9d33ad79b16da8d57a7bf114c581a06100b88f5f4ed9b842
Description
Static Analysis Results Interchange Format (SARIF) Version 2.1.0
README
README.md
API Documentation: https://gborough.github.io/sarif/sarif/sarif/index.html
SARIF(v2.1.0)
Reference implementation of the Static Analysis Results Interchange Format (SARIF) For OCaml, currently supporting version 2.1.0(latest: https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html)
Note: You should always use the latest release of this library as it strives to represent the most correct model of sarif format
This library uses atdgen to generate ocaml types therefore familiarity with its naming and conversion convention is highly recommended
User Manual
Module organisation
The core type of sarif is: Sarif_v_2_1_0_t.sarif_json_schema
Sarif_v_2_1_0_t -> Generated ocaml types for all sarif objects and properties
Sarif_v_2_1_0_j -> Generated json helper functions for all relevant ocaml types
Sarif_v_2_1_0_v -> Generated validation functions for all relevant ocaml types
Sarif_v_2_1_0_util -> Utility functions which the validation functions rely on
Parsing example
Assume that a well-formed sarif json file "example.sarif" and we'd like to parse and print
open Core
open Sarif
let sarif_json = In_channel.read_all "example.sarif" in
let parsed_core_type = Sarif_v_2_1_0_j.sarif_json_schema_of_string sarif_json in
let core_type_string = Sarif_v_2_1_0_j.string_of_sarif_json_schema parsed_core_type in
print_endline core_type_string
Validation example
Assume that a malformed sarif json file "malformed.sarif" and we suspect the "runs" field is invalid
open Core
open Sarif
let sarif_json = In_channel.read_all "malformed.sarif" in
let parsed_core_type = Sarif_v_2_1_0_j.sarif_json_schema_of_string sarif_json in
let run = Sarif_v_2_1_0_j.string_of_run @@ List.hd_exn @@ parsed_core_type.runs in
let parsed_run = Sarif_v_2_1_0_j.run_of_string run in
let res = Sarif_v_2_1_0_util.validate_run parsed_run in
if res then print_endline "valid" else print_endline "invalid"
Or to validate payload via directly constructing the types with Sarif_v_2_1_0_t, we can use validation functions present in Sarif_v_2_1_0_v. Please refer to atdgen validation example(https://github.com/ahrefs/atd/tree/master/doc/atdgen-tutorial-data/validate)
License
This project is licensed under the MIT license.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in sarif by you, shall be licensed as MIT, without any additional terms or conditions.
Dependencies (8)
-
uri
>= "4.4.0"
- ppx_deriving
- timedesc
-
atdgen-runtime
>= "2.12.0"
-
atdgen
>= "2.10.0"
- re
-
dune
>= "3.12"
-
ocaml
>= "4.14.0"
Dev Dependencies (2)
-
odoc
with-doc
-
ppx_expect
with-test & < "v0.17"
Used by
None
Conflicts
None