sarif
Scan a SARIF report and upload results to DevGuard
Synopsis
Upload a SARIF report to DevGuard. DevGuard reads the report and stores the findings — it does NOT re-scan the files.
Use this if you already run your own static analysis scanner (e.g. CodeQL, Semgrep, Trivy, or any other SARIF-producing tool) and just want to feed the results into DevGuard without using the built-in 'sast' or 'iac' commands.
DevGuard compares the uploaded report against previous runs to detect new or resolved findings and makes them visible in the DevGuard UI. The command returns the processed SARIF report on stdout so you can chain it into other tools (e.g. 'sarif2markdown').