Refactor DGP off Sarif4k #5864

cortinico · 2023-02-28T15:04:16Z

Is the remaining action that we should refactor DGP off Sarif4k so that

chao2zhang · 2023-03-08T17:36:49Z

There are two ways I can think of

Depend on simplejson to do lightweight parsing and merging
Because gradle bundles with GSON or Jackson, we can define the object mapping for Sarif in Gson or Jackson.

cortinico · 2023-03-08T18:41:17Z

Because gradle bundles with GSON or Jackson, we can define the object mapping for Sarif in Gson or Jackson.

I would prefer this one as it won't bring any extra dependency

TWiStErRob · 2023-05-19T12:57:36Z

Would package relocation be an option that might be simpler to achieve without a rewrite of I/O in Detekt?

cortinico · 2023-05-20T11:54:49Z

Yup that's also an option. Still we use just one method of Sarif4k in DGP, so refactoring might be preferred

TWiStErRob · 2023-05-21T13:48:22Z

I was curious how it would look like, so I raised #6117.

schalkms added the improvement label Apr 2, 2023

TWiStErRob mentioned this issue May 21, 2023

Replace sarif4k usage with Groovy JSON from gradleApi() in detekt-gradle-plugin #6117

Merged

cortinico closed this as completed in #6117 May 22, 2023

Provide feedback