GH-SARIF

Interact with Code Scanning analysis and SARIF files.

gh-sarif is a GitHub CLI extension.

Installation

gh extension install bagtoad/gh-sarif

Usage

Usage:
  gh sarif [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  delete      Delete a GitHub Code Scanning Analysis
  help        Help about any command
  list        List GitHub Code Scanning analyses for a repository
  upload      Upload a SARIF file to GitHub Code Scanning
  view        View GitHub Code Scanning analysis or SARIF results

Flags:
  -h, --help          help for gh-sarif
  -j, --json          Output JSON instead of text (includes additional fields)
  -R, --repo string   GitHub repository (format: owner/repo)

Use "gh sarif [command] --help" for more information about a command.

List Analyses for a Repository

gh sarif list

View Analysis Results in a Table

gh sarif view <analysis-id>

View Analysis Results as SARIF

gh sarif view <analysis-id> --sarif

View Analysis Results as CSV

gh sarif view <analysis-id> --csv

View Analysis Results from a Local SARIF File

gh sarif view <path-to-sarif-file>

Upload a SARIF File to GitHub Code Scanning

gh sarif upload <commit-sha> <ref> <path-to-sarif-file>

Delete an Analysis

gh sarif delete <analysis-id>

Delete Multiple Analyses

gh sarif delete <analysis-id> <analysis-id> <analysis-id>...

Delete All Analyses in the set Except the Last

gh sarif delete <analysis-id> --delete-all

Delete All Analyses in the set, Including the Last

gh sarif delete <analysis-id> --delete-all --confirm-delete

or

gh sarif delete <analysis-id> --purge