Certain objects in this document define messages intended to be viewed by a user.
SARIF represents such a message with a message object, which offers the following features:
- Message strings in plain text (“plain text messages”).
- Message strings that incorporate formatting information (“formatted messages”) in GitHub Flavored Markdown.
- Message strings with placeholders for variable information.
- Message strings with embedded links.
{
"$schema": "https://json.schemastore.org/sarif-2.1.0.json",
"version": "2.1.0",
"runs": [
{
"tool": {
"driver": {
"name": "ESLint",
"semanticVersion": "8.1.0",
"informationUri": "https://eslint.org",
"rules": [
{
"id": "no-unused-vars",
"shortDescription": {
"text": "disallow unused variables"
},
"helpUri": "https://eslint.org/docs/rules/no-unused-vars",
"properties": {
"category": "Variables"
}
}
]
}
},
"results": [
{
"message": {
"text": "'x' is assigned a value but never used."
},
"ruleId": "no-unused-vars",
"ruleIndex": 0,
"level": "error"
}
]
}
]
}{
"$schema": "https://json.schemastore.org/sarif-2.1.0.json",
"version": "2.1.0",
"runs": [
{
"tool": {
"driver": {
"name": "CodeScanner",
"semanticVersion": "1.1.2-beta.12",
"informationUri": "https://codeScanner.dev"
}
},
"results": [
{
"message": {
"text": "Variable '{0}' is uninitialized.",
"arguments": [
"pBuffer"
]
},
"ruleId": "CA2101"
}
]
}
]
}{
"$schema": "https://json.schemastore.org/sarif-2.1.0.json",
"version": "2.1.0",
"runs": [
{
"tool": {
"driver": {
"name": "CodeScanner",
"semanticVersion": "1.1.2-beta.12",
"informationUri": "https://codeScanner.dev"
}
},
"results": [
{
"message": {
"text": "Tainted data was used. The data came from [here](3)."
},
"ruleId": "TNT0001",
"relatedLocations": [
{
"id": 3,
"physicalLocation": {
"artifactLocation": {
"uri": "file:///C:/code/input.c"
},
"region": {
"startLine": 25,
"startColumn": 19
}
}
}
]
}
]
}
]
}{
"$schema": "https://json.schemastore.org/sarif-2.1.0.json",
"version": "2.1.0",
"runs": [
{
"tool": {
"driver": {
"name": "CodeScanner",
"semanticVersion": "1.1.2-beta.12",
"informationUri": "https://codeScanner.dev",
"rules": [
{
"id": "CS0001",
"messageStrings": {
"default": {
"text": "This is the message text. It might be very long."
}
}
}
]
}
},
"results": [
{
"message": {
"id": "default"
},
"ruleId": "CS0001",
"ruleIndex": 0
}
]
}
]
}See full examples/message/plainText.php script into repository.
Note
Since release 1.5.0, you may use fluent builders API as alternative.
See full examples/builder/plainText.php script into repository.
<?php
use Bartlett\Sarif\Definition\Message;
use Bartlett\Sarif\Definition\Result;
$message = new Message("'x' is assigned a value but never used.");
$result = new Result($message);
$result->setLevel('error');
$result->setRuleId('no-unused-vars');
$result->setRuleIndex(0);See full examples/message/formatted.php script into repository.
Note
Since release 1.5.0, you may use fluent builders API as alternative.
See full examples/builder/formatted.php script into repository.
<?php
use Bartlett\Sarif\Definition\Message;
use Bartlett\Sarif\Definition\Result;
$message = new Message("Variable '{0}' is uninitialized.");
$message->addArguments(['pBuffer']);
$result = new Result($message);
$result->setRuleId('CA2101');See full examples/message/embeddedLinks.php script into repository.
Note
Since release 1.5.0, you may use fluent builders API as alternative.
See full examples/builder/embeddedLinks.php script into repository.
<?php
use Bartlett\Sarif\Definition\ArtifactLocation;
use Bartlett\Sarif\Definition\Location;
use Bartlett\Sarif\Definition\Message;
use Bartlett\Sarif\Definition\PhysicalLocation;
use Bartlett\Sarif\Definition\Region;
use Bartlett\Sarif\Definition\Result;
$message = new Message('Tainted data was used. The data came from [here](3).');
$result = new Result($message);
$result->setRuleId('TNT0001');
$location = new Location();
$location->setId('3');
$artifactLocation = new ArtifactLocation();
$artifactLocation->setUri('file:///C:/code/input.c');
$physicalLocation = new PhysicalLocation($artifactLocation);
$physicalLocation->setRegion(new Region(25, 19));
$location->setPhysicalLocation($physicalLocation);
$result->addRelatedLocations([$location]);See full examples/message/stringLookup.php script into repository.
Note
Since release 1.5.0, you may use fluent builders API as alternative.
See full examples/builder/stringLookup.php script into repository.
<?php
use Bartlett\Sarif\Definition\Message;
use Bartlett\Sarif\Definition\MultiformatMessageString;
use Bartlett\Sarif\Definition\ReportingDescriptor;
use Bartlett\Sarif\Definition\Result;
$rule = new ReportingDescriptor('no-unused-vars');
$rule->setId('CS0001');
$rule->addMessageStrings([
'default' => new MultiformatMessageString('This is the message text. It might be very long.'),
]);
$message = new Message(
'A message object can directly contain message strings in its text and markdown properties.'
. ' It can also indirectly refer to message strings through its id property.'
);
$result = new Result($message);
$result->setRuleId('CS0001');
$result->setRuleIndex(0);
$result->setMessage(new Message('', 'default'));