Module sarif Copy item path Source Address A physical or virtual address, or a range of addresses, in an ‘addressable region’ (memory or a
binary file). Artifact A single artifact. In some cases, this artifact might be nested within another artifact. ArtifactChange A change to a single artifact. ArtifactContent Represents the contents of an artifact. ArtifactLocation Specifies the location of an artifact. Attachment An artifact relevant to a result. CodeFlow A set of threadFlows which together describe a pattern of code execution relevant to detecting
a result. ConfigurationOverride Information about how a specific rule or notification was reconfigured at runtime. Conversion Describes how a converter transformed the output of a static analysis tool from the analysis
tool’s native output format into the SARIF format. Edge Represents a directed edge in a graph. EdgeTraversal Represents the traversal of a single edge during a graph traversal. Exception Describes a runtime exception encountered during the execution of an analysis tool. ExternalProperties The top-level element of an external property file. ExternalPropertyFileReference Contains information that enables a SARIF consumer to locate the external property file that
contains the value of an externalized property associated with the run. ExternalPropertyFileReferences References to external property files that should be inlined with the content of a root log
file. Fix A proposed fix for the problem represented by a result object. A fix specifies a set of
artifacts to modify. For each artifact, it specifies a set of bytes to remove, and provides a
set of new bytes to replace them. Graph A network of nodes and directed edges that describes some aspect of the structure of the code
(for example, a call graph). GraphTraversal Represents a path through a graph. Invocation The runtime environment of the analysis tool run. Location A location within a programming artifact. LocationRelationship Information about the relation of one location to another. LogicalLocation A logical location of a construct that produced a result. Message Encapsulates a message intended to be read by the end user. MultiformatMessageString A message string or message format string rendered in multiple formats. Node Represents a node in a graph. Notification Describes a condition relevant to the tool itself, as opposed to being relevant to a target
being analyzed by the tool. PhysicalLocation A physical location relevant to a result. Specifies a reference to a programming artifact
together with a range of bytes or characters within that artifact. PropertyBag Key/value pairs that provide additional information about the object. Rectangle An area within an image. Region A region within an artifact where a result was detected. Replacement The replacement of a single region of an artifact. ReportingConfiguration Information about a rule or notification that can be configured at runtime. ReportingDescriptor Metadata that describes a specific report produced by the tool, as part of the analysis it
provides or its runtime reporting. ReportingDescriptorReference Information about how to locate a relevant reporting descriptor. ReportingDescriptorRelationship Information about the relation of one reporting descriptor to another. Result A result produced by an analysis tool. ResultProvenance Contains information about how and when a result was detected. Run Describes a single run of an analysis tool, and contains the reported output of that run. RunAutomationDetails Information that describes a run’s identity and role within an engineering system process. Sarif SpecialLocations Defines locations of special significance to SARIF consumers. Stack A call stack that is relevant to a result. StackFrame A function call within a stack trace. Suppression A suppression that is relevant to a result. ThreadFlow Describes a sequence of code locations that specify a path through a single thread of execution
such as an operating system or fiber. ThreadFlowLocation A location visited by an analysis tool while simulating or monitoring the execution of a
program. Tool The analysis tool that was run. ToolComponent A component, such as a plug-in or the driver, of the analysis tool that was run. ToolComponentReference Identifies a particular toolComponent object, either the driver or an extension. TranslationMetadata Provides additional metadata related to translation. VersionControlDetails Specifies the information necessary to retrieve a desired revision from a version control
system. WebRequest Describes an HTTP request. WebResponse Describes the response to an HTTP request. ArtifactRoles The role or roles played by the artifact in the analysis. BuilderError ExternalPropertiesVersion The SARIF format version of this external properties object. NotificationLevel A value specifying the severity level of the result. ReportingConfigurationLevel Specifies the failure level for the report. ResultBaselineState The state of a result relative to a baseline of a previous run. ResultColumnKind Specifies the unit in which the tool measures columns. ResultKind A value that categorizes results by evaluation state. ResultLevel A value specifying the severity level of the result. SupressionKind A string that indicates where the suppression is persisted. SupressionStatus A string that indicates the review status of the suppression. ThreadFlowLocationImportance Specifies the importance of this location in understanding the code flow in which it occurs. The order from most to least important is “essential”, “important”, “unimportant”. Default: “important”. ToolComponentContents The kinds of data contained in this object. Version The SARIF format version of this log file. SCHEMA_URL