[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Issue #232: Why isn't results array required?
We had a detailed discussion of this in TC #24, so I wanted to show you where I landed in expressing our conclusions: 3.11.18 results propertyDepending on the circumstances, a run object either SHALL or MAY contain a property named results whose value is an array of zero or more result objects (§3.19), each of which represents a single result detected in the course of the run. NOTE: The results array is not defined to contain unique (§3.6.2) elements because some tools report a line number but not a column number for a result’s location. Such a tool might report the same result twice on the same line, in some cases producing multiple identical result objects. If the tool failed to start, and if the engineering system system responsible for running the tool synthesized a SARIF file to record the failure, then results MAY be absent. If present, it SHALL be empty. See §3.14.12, invocation.processStartFailureMessage, for more about this scenario. If the tool started but failed to begin its analysis (for example, because its command line was invalid), then again results MAY be absent, and again, if present, it SHALL be empty. In all other circumstances, results SHALL be present and SHALL contain all results detected by the tool. If the tool did not detect any results, results SHALL be present and SHALL be empty. Thanks, Larry |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]