tessl/pypi-semgrep
Lightweight static analysis for many languages with programmatic Python API for custom integrations.
—
Pending
output-formatting.mddocs/
Output Formatting
Comprehensive output formatting system supporting multiple formats including JSON, SARIF, text, and XML for integration with various tools and workflows.
Capabilities
Output Handler
Main class for managing output generation and formatting.
class OutputHandler:
"""
Handles output generation and formatting for scan results.
Manages different output formats and provides unified interface
for writing scan results to various destinations.
"""
def __init__(self, output_settings): ...
def handle_results(self, results, errors, stats): ...
def write_to_file(self, content, file_path): ...
def write_to_stdout(self, content): ...
def format_results(self, results, formatter): ...
class OutputSettings:
"""
Configuration for output formatting behavior.
Attributes:
- output_format (OutputFormat): Format for output (JSON, SARIF, TEXT, etc.)
- output_file (str): File path for output, None for stdout
- verbose (bool): Include verbose information
- debug (bool): Include debug information
- show_supported_languages (bool): Show supported languages
- timeout (int): Timeout for rule execution
- max_target_bytes (int): Maximum target file size
"""
def __init__(self, **kwargs): ...
class NormalizedOutputSettings:
"""
Normalized output settings with validated parameters.
Processed version of OutputSettings with defaults applied
and validation performed.
"""
def __init__(self, output_settings): ...Formatter Classes
Specific formatters for different output formats.
class JsonFormatter:
"""
Formats scan results as JSON for machine processing.
Produces structured JSON output compatible with semgrep JSON schema.
"""
def format(self, results, errors, **kwargs): ...
def format_rule_match(self, match): ...
class SarifFormatter:
"""
Formats scan results as SARIF for security tool integration.
SARIF (Static Analysis Results Interchange Format) is a standard
format for static analysis tools.
"""
def format(self, results, errors, **kwargs): ...
def create_sarif_run(self, results, rules): ...
def create_sarif_result(self, match): ...
class TextFormatter:
"""
Formats scan results as human-readable text.
Provides colored terminal output with file locations,
code snippets, and rule information.
"""
def format(self, results, errors, **kwargs): ...
def format_match_text(self, match): ...
def colorize_output(self, text, color): ...
class JunitXmlFormatter:
"""
Formats scan results as JUnit XML for CI integration.
Compatible with CI systems that consume JUnit test results.
"""
def format(self, results, errors, **kwargs): ...
def create_test_case(self, match): ...
class EmacsFormatter:
"""
Formats scan results for Emacs editor integration.
Uses Emacs compilation mode format for easy navigation
to findings within the editor.
"""
def format(self, results, errors, **kwargs): ...
class VimFormatter:
"""
Formats scan results for Vim editor integration.
Uses Vim quickfix format for jumping to findings
within the editor.
"""
def format(self, results, errors, **kwargs): ...
class GitlabSastFormatter:
"""
Formats scan results for GitLab SAST integration.
Produces GitLab SAST report format for security
dashboard integration.
"""
def format(self, results, errors, **kwargs): ...
class GitlabSecretsFormatter:
"""
Formats scan results for GitLab Secrets detection.
Produces GitLab Secrets report format for credential
scanning integration.
"""
def format(self, results, errors, **kwargs): ...Constants
Output Format Types
class OutputFormat:
"""
Enumeration of supported output formats.
Values:
- TEXT: Human-readable text output with colors
- JSON: Structured JSON format
- SARIF: SARIF format for security tools
- JUNIT_XML: JUnit XML for CI integration
- EMACS: Emacs compilation mode format
- VIM: Vim quickfix format
- GITLAB_SAST: GitLab SAST report format
- GITLAB_SECRETS: GitLab Secrets report format
"""
TEXT = "text"
JSON = "json"
SARIF = "sarif"
JUNIT_XML = "junit-xml"
EMACS = "emacs"
VIM = "vim"
GITLAB_SAST = "gitlab-sast"
GITLAB_SECRETS = "gitlab-secrets"
FORMATTERS = {
OutputFormat.TEXT: TextFormatter,
OutputFormat.JSON: JsonFormatter,
OutputFormat.SARIF: SarifFormatter,
OutputFormat.JUNIT_XML: JunitXmlFormatter,
OutputFormat.EMACS: EmacsFormatter,
OutputFormat.VIM: VimFormatter,
OutputFormat.GITLAB_SAST: GitlabSastFormatter,
OutputFormat.GITLAB_SECRETS: GitlabSecretsFormatter,
}
DEFAULT_SHOWN_SEVERITIES = {"ERROR", "WARNING"}Usage Examples
Basic Output Formatting
from semgrep.output import OutputHandler, OutputSettings, OutputFormat
from semgrep.formatter.json import JsonFormatter
# Configure JSON output to file
settings = OutputSettings(
output_format=OutputFormat.JSON,
output_file="results.json",
verbose=True
)
# Create output handler
handler = OutputHandler(settings)
# Format and write results (assuming we have scan results)
handler.handle_results(results, errors, stats)Custom Formatting
from semgrep.formatter.sarif import SarifFormatter
# Create SARIF formatter
formatter = SarifFormatter()
# Format results manually
sarif_output = formatter.format(
results=scan_results,
errors=scan_errors,
rules=config.rules
)
# Write to file
with open("results.sarif", "w") as f:
f.write(sarif_output)Multiple Output Formats
# Generate multiple output formats
formatters = {
"json": JsonFormatter(),
"sarif": SarifFormatter(),
"text": TextFormatter()
}
for format_name, formatter in formatters.items():
output = formatter.format(results, errors)
with open(f"results.{format_name}", "w") as f:
f.write(output)Install with Tessl CLI
npx tessl i tessl/pypi-semgrep