
message object

Certain objects in this document define messages intended to be viewed by a user. SARIF represents such a message with a message object, which offers the following features:

  • Message strings in plain text (“plain text messages”).
  • Message strings that incorporate formatting information (“formatted messages”) in GitHub Flavored Markdown.
  • Message strings with placeholders for variable information.
  • Message strings with embedded links.

message object

PlainText Example

Tip

Generated with the following command: php ./resources/serialize.php message/plainText docs/assets/sarif 192

docs/assets/sarif/message/plainText.json
{
    "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
    "version": "2.1.0",
    "runs": [
        {
            "tool": {
                "driver": {
                    "name": "ESLint",
                    "semanticVersion": "8.1.0",
                    "informationUri": "https://eslint.org",
                    "rules": [
                        {
                            "id": "no-unused-vars",
                            "shortDescription": {
                                "text": "disallow unused variables"
                            },
                            "helpUri": "https://eslint.org/docs/rules/no-unused-vars",
                            "properties": {
                                "category": "Variables"
                            }
                        }
                    ]
                }
            },
            "results": [
                {
                    "message": {
                        "text": "'x' is assigned a value but never used."
                    },
                    "ruleId": "no-unused-vars",
                    "ruleIndex": 0,
                    "level": "error"
                }
            ]
        }
    ]
}
examples/message/plainText.php
<?php
/**
 * This file is part of the Sarif-PHP-SDK package.
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * @author Laurent Laville
 */

use Bartlett\Sarif\Definition\Message;
use Bartlett\Sarif\Definition\MultiformatMessageString;
use Bartlett\Sarif\Definition\PropertyBag;
use Bartlett\Sarif\Definition\ReportingDescriptor;
use Bartlett\Sarif\Definition\Result;
use Bartlett\Sarif\Definition\Run;
use Bartlett\Sarif\Definition\Tool;
use Bartlett\Sarif\Definition\ToolComponent;
use Bartlett\Sarif\SarifLog;

require_once dirname(__DIR__, 2) . '/vendor/autoload.php';

// Rule metadata: the short description and the property bag are standalone
// objects that get attached to the ReportingDescriptor.
$shortDescription = new MultiformatMessageString();
$shortDescription->setText('disallow unused variables');

$ruleProperties = new PropertyBag();
$ruleProperties->addProperty('category', 'Variables');

$unusedVarsRule = new ReportingDescriptor();
$unusedVarsRule->setId('no-unused-vars');
$unusedVarsRule->setShortDescription($shortDescription);
$unusedVarsRule->setHelpUri('https://eslint.org/docs/rules/no-unused-vars');
$unusedVarsRule->setProperties($ruleProperties);

// The driver names the analysis tool and carries the rules it can report.
$eslint = new ToolComponent();
$eslint->setName('ESLint');
$eslint->setInformationUri('https://eslint.org');
$eslint->setSemanticVersion('8.1.0');
$eslint->addRules([$unusedVarsRule]);

$analysisTool = new Tool();
$analysisTool->setDriver($eslint);

// Plain text message: a literal string with no placeholders, no Markdown
// and no embedded links.
$plainText = new Message();
$plainText->setText("'x' is assigned a value but never used.");

$finding = new Result();
$finding->setMessage($plainText);
$finding->setLevel('error');
$finding->setRuleId('no-unused-vars');
// Position of the rule in the driver's rules list (0 = the only rule above).
$finding->setRuleIndex(0);

$analysisRun = new Run();
$analysisRun->setTool($analysisTool);
$analysisRun->addResults([$finding]);

// $log keeps its name: it is the value this example script leaves behind.
$log = new SarifLog([$analysisRun]);

Note

This alternative API is available since release 1.5.0

examples/builder/message/plainText.php
<?php
/**
 * This file is part of the Sarif-PHP-SDK package.
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * @author Laurent Laville
 */

require_once dirname(__DIR__, 3) . '/vendor/autoload.php';

use Bartlett\Sarif\Factory\BuilderFactory;

$factory = new BuilderFactory();

// @link https://github.com/llaville/sarif-php-sdk/blob/1.1/docs/reference/message.md
//
// Each builder level is named instead of nested. Calls are issued in the same
// order as in a single fluent chain, and every return value is re-assigned so
// the code does not depend on whether a builder returns itself or a copy.
$spec = $factory->specification('2.1.0');
$run = $factory->run();
$tool = $factory->tool();

$driver = $factory->driver()
    ->name('ESLint')
    ->semanticVersion('8.1.0')
    ->informationUri('https://eslint.org');

$rule = $factory->rule()
    ->id('no-unused-vars')
    ->shortDescription('disallow unused variables')
    ->helpUri('https://eslint.org/docs/rules/no-unused-vars')
    ->setProperties([
        'category' => 'Variables',
    ]);

$driver = $driver->addRule($rule);
$tool = $tool->driver($driver);
$run = $run->tool($tool);

$result = $factory->result();
// Plain text message: a literal string, no placeholders or Markdown.
$message = $factory->message()
    ->text("'x' is assigned a value but never used.");

$result = $result
    ->message($message)
    ->ruleId('no-unused-vars')
    // Position of the rule in the driver's rules list (0 = the only rule).
    ->ruleIndex(0)
    ->level('error');

$run = $run
    ->addResult($result)
    ->setProperties([]);

$spec = $spec->addRun($run);

Formatted Example

Tip

Generated with the following command: php ./resources/serialize.php message/formatted docs/assets/sarif 192

docs/assets/sarif/message/formatted.json
{
    "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
    "version": "2.1.0",
    "runs": [
        {
            "tool": {
                "driver": {
                    "name": "CodeScanner",
                    "semanticVersion": "1.1.2-beta.12",
                    "informationUri": "https://codeScanner.dev"
                }
            },
            "results": [
                {
                    "message": {
                        "text": "Variable '{0}' is uninitialized.",
                        "arguments": [
                            "pBuffer"
                        ]
                    },
                    "ruleId": "CA2101"
                }
            ]
        }
    ]
}
examples/message/formatted.php
<?php
/**
 * This file is part of the Sarif-PHP-SDK package.
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * @author Laurent Laville
 */

use Bartlett\Sarif\Definition\Message;
use Bartlett\Sarif\Definition\Result;
use Bartlett\Sarif\Definition\Run;
use Bartlett\Sarif\Definition\Tool;
use Bartlett\Sarif\Definition\ToolComponent;
use Bartlett\Sarif\SarifLog;

require_once dirname(__DIR__, 2) . '/vendor/autoload.php';

// Message with a placeholder: "{0}" refers to the first entry of the
// message's arguments list; the substitution is done by whoever renders the
// log, not here.
// NOTE(review): argument values typically come from the analysed code, so a
// viewer should treat them as untrusted text and escape them for its output
// context.
$uninitialized = new Message();
$uninitialized->setText("Variable '{0}' is uninitialized.");
$uninitialized->addArguments(['pBuffer']);

$finding = new Result();
$finding->setMessage($uninitialized);
$finding->setRuleId('CA2101');

// The driver names the analysis tool that produced the result.
$scanner = new ToolComponent();
$scanner->setName('CodeScanner');
$scanner->setInformationUri('https://codeScanner.dev');
$scanner->setSemanticVersion('1.1.2-beta.12');

$analysisTool = new Tool();
$analysisTool->setDriver($scanner);

$analysisRun = new Run();
$analysisRun->setTool($analysisTool);
$analysisRun->addResults([$finding]);

// $log keeps its name: it is the value this example script leaves behind.
$log = new SarifLog([$analysisRun]);

Note

This alternative API is available since release 1.5.0

examples/builder/message/formatted.php
<?php
/**
 * This file is part of the Sarif-PHP-SDK package.
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * @author Laurent Laville
 */

require_once dirname(__DIR__, 3) . '/vendor/autoload.php';

use Bartlett\Sarif\Factory\BuilderFactory;

$factory = new BuilderFactory();

// @link https://github.com/llaville/sarif-php-sdk/blob/1.1/docs/reference/message.md
//
// Each builder level is named instead of nested. Calls are issued in the same
// order as in a single fluent chain, and every return value is re-assigned so
// the code does not depend on whether a builder returns itself or a copy.
$spec = $factory->specification('2.1.0');
$run = $factory->run();
$tool = $factory->tool();

$driver = $factory->driver()
    ->name('CodeScanner')
    ->semanticVersion('1.1.2-beta.12')
    ->informationUri('https://codeScanner.dev');

$tool = $tool->driver($driver);
$run = $run->tool($tool);

$result = $factory->result();

// "{0}" refers to the first message argument; the renderer of the log does
// the substitution.
// NOTE(review): argument values typically come from the analysed code, so a
// viewer should treat them as untrusted text and escape them for its output
// context.
$message = $factory->message()
    ->text("Variable '{0}' is uninitialized.")
    ->addArgument('pBuffer');

$result = $result
    ->message($message)
    ->ruleId('CA2101');

$run = $run
    ->addResult($result)
    ->setProperties([]);

$spec = $spec->addRun($run);

Tip

Generated with the following command: php ./resources/serialize.php message/embeddedLinks docs/assets/sarif 192

docs/assets/sarif/message/embeddedLinks.json
{
    "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
    "version": "2.1.0",
    "runs": [
        {
            "tool": {
                "driver": {
                    "name": "CodeScanner",
                    "semanticVersion": "1.1.2-beta.12",
                    "informationUri": "https://codeScanner.dev"
                }
            },
            "results": [
                {
                    "message": {
                        "text": "Tainted data was used. The data came from [here](3)."
                    },
                    "ruleId": "TNT0001",
                    "relatedLocations": [
                        {
                            "id": 3,
                            "physicalLocation": {
                                "artifactLocation": {
                                    "uri": "file:///C:/code/input.c"
                                },
                                "region": {
                                    "startLine": 25,
                                    "startColumn": 19
                                }
                            }
                        }
                    ]
                }
            ]
        }
    ]
}
examples/message/embeddedLinks.php
<?php
/**
 * This file is part of the Sarif-PHP-SDK package.
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * @author Laurent Laville
 */

use Bartlett\Sarif\Definition\ArtifactLocation;
use Bartlett\Sarif\Definition\Location;
use Bartlett\Sarif\Definition\Message;
use Bartlett\Sarif\Definition\PhysicalLocation;
use Bartlett\Sarif\Definition\Region;
use Bartlett\Sarif\Definition\Result;
use Bartlett\Sarif\Definition\Run;
use Bartlett\Sarif\Definition\Tool;
use Bartlett\Sarif\Definition\ToolComponent;
use Bartlett\Sarif\SarifLog;

require_once dirname(__DIR__, 2) . '/vendor/autoload.php';

// Where the tainted data came from: line 25, column 19 of input.c.
// NOTE(review): an absolute file URI records a machine-specific path in the
// log; SARIF also allows a relative URI resolved through uriBaseId when the
// log is shared outside the machine that produced it.
$sourceFile = new ArtifactLocation();
$sourceFile->setUri('file:///C:/code/input.c');

$sourceRegion = new Region();
$sourceRegion->setStartLine(25);
$sourceRegion->setStartColumn(19);

$sourcePosition = new PhysicalLocation();
$sourcePosition->setArtifactLocation($sourceFile);
$sourcePosition->setRegion($sourceRegion);

// The id is what the embedded link in the message text points at.
$taintSource = new Location();
$taintSource->setId(3);
$taintSource->setPhysicalLocation($sourcePosition);

// Embedded link: the "3" in "[here](3)" is not a URL, it is the id of the
// related location attached to the same result.
$tainted = new Message();
$tainted->setText('Tainted data was used. The data came from [here](3).');

$finding = new Result();
$finding->setMessage($tainted);
$finding->setRuleId('TNT0001');
$finding->addRelatedLocations([$taintSource]);

// The driver names the analysis tool that produced the result.
$scanner = new ToolComponent();
$scanner->setName('CodeScanner');
$scanner->setInformationUri('https://codeScanner.dev');
$scanner->setSemanticVersion('1.1.2-beta.12');

$analysisTool = new Tool();
$analysisTool->setDriver($scanner);

$analysisRun = new Run();
$analysisRun->setTool($analysisTool);
$analysisRun->addResults([$finding]);

// $log keeps its name: it is the value this example script leaves behind.
$log = new SarifLog([$analysisRun]);

Note

This alternative API is available since release 1.5.0

examples/builder/message/embeddedLinks.php
<?php
/**
 * This file is part of the Sarif-PHP-SDK package.
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * @author Laurent Laville
 */

require_once dirname(__DIR__, 3) . '/vendor/autoload.php';

use Bartlett\Sarif\Factory\BuilderFactory;

$factory = new BuilderFactory();

// @link https://github.com/llaville/sarif-php-sdk/blob/1.1/docs/reference/message.md
//
// Each builder level is named instead of nested. Calls are issued in the same
// order as in a single fluent chain, and every return value is re-assigned so
// the code does not depend on whether a builder returns itself or a copy.
$spec = $factory->specification('2.1.0');
$run = $factory->run();
$tool = $factory->tool();

$driver = $factory->driver()
    ->name('CodeScanner')
    ->semanticVersion('1.1.2-beta.12')
    ->informationUri('https://codeScanner.dev');

$tool = $tool->driver($driver);
$run = $run->tool($tool);

$result = $factory->result();

// Embedded link: the "3" in "[here](3)" is not a URL, it is the id of the
// related location attached to the same result.
$message = $factory->message()
    ->text('Tainted data was used. The data came from [here](3).');

$result = $result
    ->message($message)
    ->ruleId('TNT0001');

$location = $factory->location()
    ->id(3);
$physicalLocation = $factory->physicalLocation();

// NOTE(review): an absolute file URI records a machine-specific path in the
// log; SARIF also allows a relative URI resolved through uriBaseId when the
// log is shared outside the machine that produced it.
$artifactLocation = $factory->artifactLocation()
    ->uri('file:///C:/code/input.c');
$physicalLocation = $physicalLocation->artifactLocation($artifactLocation);

$region = $factory->region()
    ->startLine(25)
    ->startColumn(19);
$physicalLocation = $physicalLocation->region($region);

$location = $location->physicalLocation($physicalLocation);
$result = $result->addRelatedLocation($location);

$run = $run->addResult($result);
$spec = $spec->addRun($run);

String lookup Example

Tip

Generated with the following command: php ./resources/serialize.php message/stringLookup docs/assets/sarif 192

docs/assets/sarif/message/stringLookup.json
{
    "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
    "version": "2.1.0",
    "runs": [
        {
            "tool": {
                "driver": {
                    "name": "CodeScanner",
                    "semanticVersion": "1.1.2-beta.12",
                    "informationUri": "https://codeScanner.dev",
                    "rules": [
                        {
                            "id": "CS0001",
                            "messageStrings": {
                                "default": {
                                    "text": "This is the message text. It might be very long."
                                }
                            }
                        }
                    ]
                }
            },
            "results": [
                {
                    "message": {
                        "id": "default"
                    },
                    "ruleId": "CS0001",
                    "ruleIndex": 0
                }
            ]
        }
    ]
}
examples/message/stringLookup.php
<?php
/**
 * This file is part of the Sarif-PHP-SDK package.
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * @author Laurent Laville
 */

use Bartlett\Sarif\Definition\Message;
use Bartlett\Sarif\Definition\MultiformatMessageString;
use Bartlett\Sarif\Definition\ReportingDescriptor;
use Bartlett\Sarif\Definition\Result;
use Bartlett\Sarif\Definition\Run;
use Bartlett\Sarif\Definition\Tool;
use Bartlett\Sarif\Definition\ToolComponent;
use Bartlett\Sarif\SarifLog;

require_once dirname(__DIR__, 2) . '/vendor/autoload.php';

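// The driver names the analysis tool and carries the rules it can report.
$driver = new ToolComponent();
$driver->setName('CodeScanner');
$driver->setInformationUri('https://codeScanner.dev');
$driver->setSemanticVersion('1.1.2-beta.12');

// The rule owns the actual message text, stored under the key "default" in
// its messageStrings map.
$rule = new ReportingDescriptor();
$rule->setId('CS0001');
$default = new MultiformatMessageString();
$default->setText('This is the message text. It might be very long.');
$rule->addMessageStrings([
    'default' => $default,
]);
$driver->addRules([$rule]);

$tool = new Tool();
$tool->setDriver($driver);

// A message object can directly contain message strings in its text and
// markdown properties. It can also indirectly refer to message strings
// through its id property, which is what this example does.
//
// (The original listing first built a Message holding the explanation above
// as its text and then overwrote the variable before using it; that dead
// object is dropped here and the explanation kept as this comment.)
$message = new Message();
$message->setId('default');

$result = new Result();
$result->setRuleId('CS0001');
// Position of the rule in the driver's rules list (0 = the only rule above);
// the message id is looked up in that rule's messageStrings.
$result->setRuleIndex(0);
$result->setMessage($message);

$run = new Run();
$run->setTool($tool);
$run->addResults([$result]);

$log = new SarifLog([$run]);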

Note

This alternative API is available since release 1.5.0

examples/builder/message/stringLookup.php
<?php
/**
 * This file is part of the Sarif-PHP-SDK package.
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 *
 * @author Laurent Laville
 */

require_once dirname(__DIR__, 3) . '/vendor/autoload.php';

use Bartlett\Sarif\Factory\BuilderFactory;

$factory = new BuilderFactory();

// @link https://github.com/llaville/sarif-php-sdk/blob/1.1/docs/reference/message.md
//
// Each builder level is named instead of nested. Calls are issued in the same
// order as in a single fluent chain, and every return value is re-assigned so
// the code does not depend on whether a builder returns itself or a copy.
$spec = $factory->specification('2.1.0');
$run = $factory->run();
$tool = $factory->tool();

$driver = $factory->driver()
    ->name('CodeScanner')
    ->semanticVersion('1.1.2-beta.12')
    ->informationUri('https://codeScanner.dev');

// The rule owns the message text, stored under the key "default".
$rule = $factory->rule()
    ->id('CS0001')
    ->addMessageString('default', 'This is the message text. It might be very long.');

$driver = $driver->addRule($rule);
$tool = $tool->driver($driver);
$run = $run->tool($tool);

$result = $factory->result();

// The result's message carries no text of its own, only the id of the
// message string to look up in the rule.
$message = $factory->message()
    ->id('default');

$result = $result
    ->message($message)
    ->ruleId('CS0001')
    // Position of the rule in the driver's rules list (0 = the only rule).
    ->ruleIndex(0);

$run = $run->addResult($result);
$spec = $spec->addRun($run);