SARIF SAST Scans Tab not showing scan results #25
Comments
|
Having this exact issue as well. |
|
Hi! I also have the same issue. Though .sarif report is available under CodeAnalysisLogs, 'Scans' tab displays blank page |
|
I have the same issue - I've checked that my So, for clarity, it may be a good option to indicate on the tab that a scan has been done and what tools did report "No results". |
|
@nsid123, @tmanor2604 - are your scans also coming up with 0 results? |
|
Also, to make sure we're talking about the same thing when we say "a blank page", screenshots would be helpful! |
|
Proposed change for when scans run without returning any results: |
|
Experiencing this issue in my org's DevOps. Artifacts are generated in the correct location, but the Scans tab is empty (despite results after scanning).
No related errors observed in devtools when inspecting the page. I haven't been able to pinpoint a change after this that could cause this issue, or seem in any way related. |
|
Thanks @jH-. Do those logs also contain results? Or do they come back "clean" (i.e. successfully scanned, but no results to report)? |
|
@50Wliu They contain results. |
After I moved SARIF results at the root level of CodeAnalysisLogs, I can view results for a Static Code Analysis tool called Coverity but not from another tool called Astree |
|
I have the same issue when using a .gdnconfig file for scanning a particular directory. When I use the generic 'MicrosoftSecurityDevOps@1' task I do get all the scans in both the scan tab and the mdso.sarif file. Working yaml config:`pool:
Results :
Not working yaml & gdnconfig config`trigger: none
gdnconfig file: Results
Small remark: it does see that there is an error but does not mark it in red like the task above does. Is there anything else that needs to be configured somewhere? |
|
Reopening because it seems like there's another issue here that needs fixing. |
|
I also seem to have issues getting this to display
Not sure what I am doing wrong This might have to do with the file ending that is being appended on windows machines but they are still valid sarif files |
|
After todays update sarif scan tab does not show scan results. Rei-nstalling does not help |
|
Hello, |
|
Probably #48 |
|
Yes - please update. If you still don't see any results on 0.5.6, let me know. Thanks for the prompt reports :) |
|
Yes, now it works with version 0.5.6. |
|
@50Wliu I re-installed the Sarif Extension and run the pipeline. However, that did not work at all. The sarif scan tab does not show any results. |
|
@50Wliu I re-installed the SARIF Extension and run the pipeline. The Scan tab shows up but not a trace of the SARIF scan.
|
|
Any update on this topic? |
|
At least for me, the extension worked perfectly the past few months |
Hi I added Microsoft Security DevOps task and installed SARIF SAST Scans Tab. I can see the artifacts that is getting generated with the extension msdo.sarif but i am not seeing any output in the Scans tab. It shows a blank page. Could you please help us on this
The text was updated successfully, but these errors were encountered: