Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/contrast-security-oss/java-sarif

POJOs generated from the Static Analysis Results Interchange Format (SARIF) JSON schema.
https://github.com/contrast-security-oss/java-sarif

Last synced: 9 months ago
JSON representation

POJOs generated from the Static Analysis Results Interchange Format (SARIF) JSON schema.

Awesome Lists containing this project

README 

          
# Java SARIF



Contains POJOs generated from the [Static Analysis Results Interchange Format 

](https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html) (SARIF) 

[JSON schema](https://github.com/oasis-tcs/sarif-spec/blob/master/Schemata/sarif-schema-2.1.0.json).



It uses Jackson for serialising/deserialing from JSON.



## Usage



### Add as a dependency



```xml



  com.contrastsecurity

  java-sarif

  2.0



```



### Developing with Java SARIF



All classes reside in the `com.contrastsecurity.sarif` package. The JSON schema used to generate 

them is located in `src/main/resources/schema`.



#### Building Objects



Building is provided with method chaining, e.g. for Message



```java

import com.contrastsecurity.sarif.Message;

// ...

Message message = new Message()

    .withText("SQL Injection")

    .withMarkdown("# SQL Injection");

```



Public Getters & Setters are provided.



#### Jackson



Classes are decorated with `@JsonInclude(JsonInclude.Include.NON_DEFAULT)` and `@JsonPropertyOrder`

which dictates the order from the JSON schema.



```java

import com.fasterxml.jackson.annotation.JsonInclude;

import com.fasterxml.jackson.annotation.JsonProperty;

// ...

@JsonInclude(JsonInclude.Include.NON_DEFAULT)

@JsonPropertyOrder({

    "text",

    "markdown",

    "id",

    "arguments",

    "properties"

})

public class Message {

    // ...

}

```












This library uses [jsonschema2pojo](https://github.com/joelittlejohn/jsonschema2pojo) for 

generation.