Contains POJOs generated from the Static Analysis Results Interchange Format (SARIF) JSON schema.
It uses Jackson for serialising/deserialing from JSON.
<dependency>
<groupId>com.contrastsecurity</groupId>
<artifactId>java-sarif</artifactId>
<version>2.0</version>
</dependency>
All classes reside in the com.contrastsecurity.sarif
package. The JSON schema used to generate
them is located in src/main/resources/schema
.
Building is provided with method chaining, e.g. for Message
import com.contrastsecurity.sarif.Message;
// ...
Message message = new Message()
.withText("SQL Injection")
.withMarkdown("# SQL Injection");
Public Getters & Setters are provided.
Classes are decorated with @JsonInclude(JsonInclude.Include.NON_DEFAULT)
and @JsonPropertyOrder
which dictates the order from the JSON schema.
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonProperty;
// ...
@JsonInclude(JsonInclude.Include.NON_DEFAULT)
@JsonPropertyOrder({
"text",
"markdown",
"id",
"arguments",
"properties"
})
public class Message {
// ...
}
This library uses jsonschema2pojo for generation.