Import of message from SARIF stack

andi · January 15, 2025, 10:05am

The SARIF importer already supports the import of Stacks according to Static Analysis Results Interchange Format (SARIF) Version 2.1.0 Plus Errata 01.
Beside the frames that are already imported as flow into SonarQube, SARIF also supports a message per stack. But this message is currently ignored.

The addFlow method of AbstractDefaultIssue.java already accepts a flowDescription argument.

Unfortunately this method overload is not exposed in the plugin API.

Please consider exposing this argument in the pluginApi and the import of the stack message.

Example for SARIF file with stack with a message:

Topic		Replies	Views
Trouble importing SARIF reports SonarQube Server / Community Build	9	2157	January 9, 2023
SARIF report issue - unable to see imported content SonarQube Server / Community Build sarif	16	446	August 27, 2024
Support SARIF reports Product Manager for a Day sonarqube , external_issues	25	7354	September 4, 2024
SonarCloud can import SARIF files to load external issues Announcements sarif	0	340	September 3, 2024
Import Cppcheck SARIF SonarQube Server / Community Build	1	14	February 24, 2025