Home Original page

SARIF Home

SARIF

The Static Analysis Results Interchange Format (SARIF)
is an industry standard format for the output of static analysis tools.

Specification and documentation

The Static Analysis Results Interchange Format (SARIF) has been approved as an OASIS standard. The information and tools on this web site apply to SARIF Version 2.1.0, the version approved by the OASIS.

Collaborators

The SARIF project is supported by a group of industry contributors.

Contrast Sonar ForAllSecure Mend GrammaTech Micro Focus Microsoft GitHub, Inc.

Tools & Libraries

A collection of tools offering facilities for producing, consuming, and validating files in the SARIF format.
The source code is in the SARIF SDK GitHub repo. We welcome your contributions!

Viewers

SARIF is based on JSON and can be viewed in any text editor. For a richer experience the following open-source viewers are provided.

Visual Studio extension

For viewing and taking-action-on SARIF files within Visual Studio. Analysis results show up in the Error List, result details in a dockable tool window, and the results locations are overlayed on the original code (when available).

Visual Studio extension

VS Code extension

Same experience as the Visual Studio extension, but for those using Visual Studio Code.

VS Code extension

React component

A React-based component for viewing SARIF files.

React component