sarif

package

v0.12.1 Latest Latest Go to latest Published: Apr 6, 2026 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/grokify/gogithub

Links

Open Source Insights

Documentation ¶

Overview ¶

Package sarif provides helpers for uploading SARIF files to GitHub Code Scanning.

Index ¶

type ProcessingStatus
type UploadOptions
type UploadResult
- func Upload(ctx context.Context, gh *github.Client, owner, repo string, sarifData []byte, ...) (*UploadResult, error)
- func UploadFile(ctx context.Context, gh *github.Client, owner, repo, filePath string, ...) (*UploadResult, error)
type UploadStatus

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type ProcessingStatus ¶

type ProcessingStatus string

ProcessingStatus represents the status of a SARIF upload.

const (
	// StatusPending indicates the SARIF file is being processed.
	StatusPending ProcessingStatus = "pending"

	// StatusComplete indicates processing is complete.
	StatusComplete ProcessingStatus = "complete"

	// StatusFailed indicates processing failed.
	StatusFailed ProcessingStatus = "failed"
)

type UploadOptions ¶

type UploadOptions struct {
	// CommitSHA is the SHA of the commit to associate the upload with.
	// Required.
	CommitSHA string

	// Ref is the Git reference (branch or tag) to associate the upload with.
	// For branches, use "refs/heads/<branch>". For tags, use "refs/tags/<tag>".
	// Required.
	Ref string

	// CheckoutURI is the URI to the root of the repository checkout.
	// Optional. Example: "file:///github/workspace/"
	CheckoutURI string

	// ToolName is the name of the tool that generated the SARIF file.
	// Optional. If not set, GitHub will extract it from the SARIF file.
	ToolName string

	// StartedAt is when the analysis started.
	// Optional. Defaults to current time.
	StartedAt *time.Time
}

UploadOptions configures the SARIF upload.

type UploadResult ¶

type UploadResult struct {
	// SarifID is the identifier for the uploaded SARIF.
	SarifID string

	// URL is the API URL for checking upload status.
	URL string
}

UploadResult contains the result of a SARIF upload.

func Upload ¶

func Upload(ctx context.Context, gh *github.Client, owner, repo string, sarifData []byte, opts UploadOptions) (*UploadResult, error)

Upload uploads SARIF data to GitHub Code Scanning.

The data is gzip-compressed and base64-encoded as required by the GitHub API.

GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#upload-an-analysis-as-sarif-data

func UploadFile ¶

func UploadFile(ctx context.Context, gh *github.Client, owner, repo, filePath string, opts UploadOptions) (*UploadResult, error)

UploadFile reads a SARIF file, compresses it, and uploads to GitHub Code Scanning.

The file is gzip-compressed and base64-encoded as required by the GitHub API.

GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#upload-an-analysis-as-sarif-data

type UploadStatus ¶

type UploadStatus struct {
	// Status is the processing status: "pending", "complete", or "failed".
	Status ProcessingStatus

	// AnalysesURL is the URL to fetch the analyses associated with the upload.
	// Only available when status is "complete".
	AnalysesURL string
}

UploadStatus contains information about a SARIF upload's processing status.

func GetUploadStatus ¶

func GetUploadStatus(ctx context.Context, gh *github.Client, owner, repo, sarifID string) (*UploadStatus, error)

GetUploadStatus retrieves the processing status of a SARIF upload.

GitHub API docs: https://docs.github.com/rest/code-scanning/code-scanning#get-information-about-a-sarif-upload

func UploadAndWait ¶

func UploadAndWait(ctx context.Context, gh *github.Client, owner, repo, filePath string, opts UploadOptions, pollInterval time.Duration) (*UploadStatus, error)

UploadAndWait uploads a SARIF file and waits for processing to complete.

This is a convenience function that combines UploadFile and WaitForProcessing. pollInterval specifies how long to wait between status checks (default: 5s).

func WaitForProcessing ¶

func WaitForProcessing(ctx context.Context, gh *github.Client, owner, repo, sarifID string, pollInterval time.Duration) (*UploadStatus, error)

WaitForProcessing polls the upload status until processing is complete or the context is canceled.

pollInterval specifies how long to wait between status checks. Returns the final status when processing is complete or failed.

Source Files ¶

View all Source files

sarif.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL