hohn/codeql-cli-end-to-end
1
0
Fork 0
mirror of https://github.com/hohn/codeql-cli-end-to-end.git synced 2025-12-16 13:13:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Comparing analysis results across sarif files

Browse Source
This commit is contained in:
Michael Hohn
2023-06-21 19:27:09 -07:00
committed by =Michael Hohn
parent 778bca3ed3
commit 7bade5bda9
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
doc/readme.in
View File

@@ -923,9 +923,16 @@ git checkout 203343df
Use the [[*SARIF viewer plugin][SARIF viewer plugin]] for detailed review and working with the results Use the [[*SARIF viewer plugin][SARIF viewer plugin]] for detailed review and working with the results
/ queries. Use the [[*sarif-cli][sarif-cli]] for quick command-line comparison. / queries. Use the [[*sarif-cli][sarif-cli]] for quick command-line comparison.
*** Expand query ** Comparing analysis results across sarif files
** Compare results. Use the [[*sarif-cli][sarif-cli]].
*** sarif-cli using compiler-style dump
Options:
- use =sarif-results-summary= on each sarif result file individually, then
compare the resulting text files via =diff=-style tools
- (powerful, but effort required) if your version of CodeQL is compatible, use
=sarif-extract-scans-runner= to put all results into an SQL database and use
that to query the results.
** Miscellany ** Miscellany
- Scale factor for building DBs: Common case: 15 minutes for a parallel cpp - Scale factor for building DBs: Common case: 15 minutes for a parallel cpp
compilation can be a 2 hour database build for codeql. compilation can be a 2 hour database build for codeql.