Add `--sarif-group-rules-by-pack` flag by edoardopirovano · Pull Request #546 · github/codeql-action (original) (raw)

This adds the --sarif-group-rules-by-pack to invocations of database analyze which will result in the SARIF produced having rule objects grouped under the QL pack they correspond to rather than appearing at the top level.

Merge / deployment checklist

~~Confirm this change is backwards compatible with existing workflows.~~ This change isn't quite compatible with existing workflows if the users are consuming the SARIF in a way other than uploading it to Code Scanning, as the tool.driver.rules field disappears in favour of <toolComponent>.rules fields. As I understand it we don't support this use case, though.
Confirm the readme has been updated if necessary.
Confirm the changelog has been updated if necessary.

Add --sarif-group-rules-by-pack flag by edoardopirovano · Pull Request #546 · github/codeql-action (original) (raw)

Merge / deployment checklist

Add `--sarif-group-rules-by-pack` flag by edoardopirovano · Pull Request #546 · github/codeql-action (original) (raw)