feat: Add SARIF output support

vendor/github.com/owenrumney/go-sarif/v3/LICENSE

@@ -0,0 +1,24 @@
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <https://unlicense.org>

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/sarif.go

@@ -0,0 +1,16 @@
+package report
+
+import (
+	v210 "github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif"
+	v22 "github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif"
+)
+
+type Version string
+
+func NewV210Report() *v210.Report {
+	return v210.NewReport()
+}
+
+func NewV22Report() *v22.Report {
+	return v22.NewReport()
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/utils/helper_pointers.go

@@ -0,0 +1,3 @@
+package utils
+
+var DefaultLengthInt int = -1

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/address.go

@@ -0,0 +1,103 @@
+package sarif
+
+// Address - A physical or virtual address, or a range of addresses, in an 'addressable region' (memory or a binary file).
+type Address struct {
+	// The address expressed as a byte offset from the start of the addressable region.
+	AbsoluteAddress int `json:"absoluteAddress"`
+
+	// A human-readable fully qualified name that is associated with the address.
+	FullyQualifiedName *string `json:"fullyQualifiedName,omitempty"`
+
+	// The index within run.addresses of the cached object for this address.
+	Index int `json:"index"`
+
+	// An open-ended string that identifies the address kind. 'data', 'function', 'header','instruction', 'module', 'page', 'section', 'segment', 'stack', 'stackFrame', 'table' are well-known values.
+	Kind *string `json:"kind,omitempty"`
+
+	// The number of bytes in this range of addresses.
+	Length *int `json:"length,omitempty"`
+
+	// A name that is associated with the address, e.g., '.text'.
+	Name *string `json:"name,omitempty"`
+
+	// The byte offset of this address from the absolute or relative address of the parent object.
+	OffsetFromParent *int `json:"offsetFromParent,omitempty"`
+
+	// The index within run.addresses of the parent object.
+	ParentIndex int `json:"parentIndex"`
+
+	// Key/value pairs that provide additional information about the address.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The address expressed as a byte offset from the absolute address of the top-most parent object.
+	RelativeAddress *int `json:"relativeAddress,omitempty"`
+}
+
+// NewAddress - creates a new
+func NewAddress() *Address {
+	return &Address{
+		AbsoluteAddress: -1,
+		Index:           -1,
+		ParentIndex:     -1,
+	}
+}
+
+// WithAbsoluteAddress - add a AbsoluteAddress to the Address
+func (a *Address) WithAbsoluteAddress(absoluteAddress int) *Address {
+	a.AbsoluteAddress = absoluteAddress
+	return a
+}
+
+// WithFullyQualifiedName - add a FullyQualifiedName to the Address
+func (f *Address) WithFullyQualifiedName(fullyQualifiedName string) *Address {
+	f.FullyQualifiedName = &fullyQualifiedName
+	return f
+}
+
+// WithIndex - add a Index to the Address
+func (i *Address) WithIndex(index int) *Address {
+	i.Index = index
+	return i
+}
+
+// WithKind - add a Kind to the Address
+func (k *Address) WithKind(kind string) *Address {
+	k.Kind = &kind
+	return k
+}
+
+// WithLength - add a Length to the Address
+func (l *Address) WithLength(length int) *Address {
+	l.Length = &length
+	return l
+}
+
+// WithName - add a Name to the Address
+func (n *Address) WithName(name string) *Address {
+	n.Name = &name
+	return n
+}
+
+// WithOffsetFromParent - add a OffsetFromParent to the Address
+func (o *Address) WithOffsetFromParent(offsetFromParent int) *Address {
+	o.OffsetFromParent = &offsetFromParent
+	return o
+}
+
+// WithParentIndex - add a ParentIndex to the Address
+func (p *Address) WithParentIndex(parentIndex int) *Address {
+	p.ParentIndex = parentIndex
+	return p
+}
+
+// WithProperties - add a Properties to the Address
+func (p *Address) WithProperties(properties *PropertyBag) *Address {
+	p.Properties = properties
+	return p
+}
+
+// WithRelativeAddress - add a RelativeAddress to the Address
+func (r *Address) WithRelativeAddress(relativeAddress int) *Address {
+	r.RelativeAddress = &relativeAddress
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/artifact.go

@@ -0,0 +1,142 @@
+package sarif
+
+// Artifact - A single artifact. In some cases, this artifact might be nested within another artifact.
+type Artifact struct {
+	// A dictionary, each of whose keys is the name of a hash function and each of whose values is the hashed value of the artifact produced by the specified hash function.
+	Hashes map[string]string `json:"hashes,omitempty"`
+
+	// The contents of the artifact.
+	Contents *ArtifactContent `json:"contents,omitempty"`
+
+	// A short description of the artifact.
+	Description *Message `json:"description,omitempty"`
+
+	// Specifies the encoding for an artifact object that refers to a text file.
+	Encoding *string `json:"encoding,omitempty"`
+
+	// The Coordinated Universal Time (UTC) date and time at which the artifact was most recently modified. See "Date/time properties" in the SARIF spec for the required format.
+	LastModifiedTimeUtc *string `json:"lastModifiedTimeUtc,omitempty"`
+
+	// The length of the artifact in bytes.
+	Length int `json:"length"`
+
+	// The location of the artifact.
+	Location *ArtifactLocation `json:"location,omitempty"`
+
+	// The MIME type (RFC 2045) of the artifact.
+	MimeType *string `json:"mimeType,omitempty"`
+
+	// The offset in bytes of the artifact within its containing artifact.
+	Offset *int `json:"offset,omitempty"`
+
+	// Identifies the index of the immediate parent of the artifact, if this artifact is nested.
+	ParentIndex int `json:"parentIndex"`
+
+	// Key/value pairs that provide additional information about the artifact.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The role or roles played by the artifact in the analysis.
+	Roles []string `json:"roles"`
+
+	// Specifies the source language for any artifact object that refers to a text file that contains source code.
+	SourceLanguage *string `json:"sourceLanguage,omitempty"`
+}
+
+// NewArtifact - creates a new
+func NewArtifact() *Artifact {
+	return &Artifact{
+		Length:      -1,
+		ParentIndex: -1,
+		Roles:       make([]string, 0),
+	}
+}
+
+// AddHash - add a single Hash to the Artifact
+func (h *Artifact) AddHash(key, hash string) *Artifact {
+	h.Hashes[key] = hash
+	return h
+}
+
+// WithHashes - add a Hashes to the Artifact
+func (h *Artifact) WithHashes(hashes map[string]string) *Artifact {
+	h.Hashes = hashes
+	return h
+}
+
+// WithContents - add a Contents to the Artifact
+func (c *Artifact) WithContents(contents *ArtifactContent) *Artifact {
+	c.Contents = contents
+	return c
+}
+
+// WithDescription - add a Description to the Artifact
+func (d *Artifact) WithDescription(description *Message) *Artifact {
+	d.Description = description
+	return d
+}
+
+// WithEncoding - add a Encoding to the Artifact
+func (e *Artifact) WithEncoding(encoding string) *Artifact {
+	e.Encoding = &encoding
+	return e
+}
+
+// WithLastModifiedTimeUtc - add a LastModifiedTimeUtc to the Artifact
+func (l *Artifact) WithLastModifiedTimeUtc(lastModifiedTimeUtc string) *Artifact {
+	l.LastModifiedTimeUtc = &lastModifiedTimeUtc
+	return l
+}
+
+// WithLength - add a Length to the Artifact
+func (l *Artifact) WithLength(length int) *Artifact {
+	l.Length = length
+	return l
+}
+
+// WithLocation - add a Location to the Artifact
+func (l *Artifact) WithLocation(location *ArtifactLocation) *Artifact {
+	l.Location = location
+	return l
+}
+
+// WithMimeType - add a MimeType to the Artifact
+func (m *Artifact) WithMimeType(mimeType string) *Artifact {
+	m.MimeType = &mimeType
+	return m
+}
+
+// WithOffset - add a Offset to the Artifact
+func (o *Artifact) WithOffset(offset int) *Artifact {
+	o.Offset = &offset
+	return o
+}
+
+// WithParentIndex - add a ParentIndex to the Artifact
+func (p *Artifact) WithParentIndex(parentIndex int) *Artifact {
+	p.ParentIndex = parentIndex
+	return p
+}
+
+// WithProperties - add a Properties to the Artifact
+func (p *Artifact) WithProperties(properties *PropertyBag) *Artifact {
+	p.Properties = properties
+	return p
+}
+
+// WithRoles - add a Roles to the Artifact
+func (r *Artifact) WithRoles(roles []string) *Artifact {
+	r.Roles = roles
+	return r
+}
+
+// AddRole - add a single Role to the Artifact
+func (r *Artifact) AddRole(role string) *Artifact {
+	r.Roles = append(r.Roles, role)
+	return r
+}
+
+// WithSourceLanguage - add a SourceLanguage to the Artifact
+func (s *Artifact) WithSourceLanguage(sourceLanguage string) *Artifact {
+	s.SourceLanguage = &sourceLanguage
+	return s
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/artifact_change.go

@@ -0,0 +1,44 @@
+package sarif
+
+// ArtifactChange - A change to a single artifact.
+type ArtifactChange struct {
+	// The location of the artifact to change.
+	ArtifactLocation *ArtifactLocation `json:"artifactLocation,omitempty"`
+
+	// Key/value pairs that provide additional information about the change.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of replacement objects, each of which represents the replacement of a single region in a single artifact specified by 'artifactLocation'.
+	Replacements []*Replacement `json:"replacements,omitempty"`
+}
+
+// NewArtifactChange - creates a new
+func NewArtifactChange() *ArtifactChange {
+	return &ArtifactChange{
+		Replacements: make([]*Replacement, 0),
+	}
+}
+
+// WithArtifactLocation - add a ArtifactLocation to the ArtifactChange
+func (a *ArtifactChange) WithArtifactLocation(artifactLocation *ArtifactLocation) *ArtifactChange {
+	a.ArtifactLocation = artifactLocation
+	return a
+}
+
+// WithProperties - add a Properties to the ArtifactChange
+func (p *ArtifactChange) WithProperties(properties *PropertyBag) *ArtifactChange {
+	p.Properties = properties
+	return p
+}
+
+// WithReplacements - add a Replacements to the ArtifactChange
+func (r *ArtifactChange) WithReplacements(replacements []*Replacement) *ArtifactChange {
+	r.Replacements = replacements
+	return r
+}
+
+// AddReplacement - add a single Replacement to the ArtifactChange
+func (r *ArtifactChange) AddReplacement(replacement *Replacement) *ArtifactChange {
+	r.Replacements = append(r.Replacements, replacement)
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/artifact_content.go

@@ -0,0 +1,45 @@
+package sarif
+
+// ArtifactContent - Represents the contents of an artifact.
+type ArtifactContent struct {
+	// MIME Base64-encoded content from a binary artifact, or from a text artifact in its original encoding.
+	Binary *string `json:"binary,omitempty"`
+
+	// Key/value pairs that provide additional information about the artifact content.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An alternate rendered representation of the artifact (e.g., a decompiled representation of a binary region).
+	Rendered *MultiformatMessageString `json:"rendered,omitempty"`
+
+	// UTF-8-encoded content from a text artifact.
+	Text *string `json:"text,omitempty"`
+}
+
+// NewArtifactContent - creates a new
+func NewArtifactContent() *ArtifactContent {
+	return &ArtifactContent{}
+}
+
+// WithBinary - add a Binary to the ArtifactContent
+func (b *ArtifactContent) WithBinary(binary string) *ArtifactContent {
+	b.Binary = &binary
+	return b
+}
+
+// WithProperties - add a Properties to the ArtifactContent
+func (p *ArtifactContent) WithProperties(properties *PropertyBag) *ArtifactContent {
+	p.Properties = properties
+	return p
+}
+
+// WithRendered - add a Rendered to the ArtifactContent
+func (r *ArtifactContent) WithRendered(rendered *MultiformatMessageString) *ArtifactContent {
+	r.Rendered = rendered
+	return r
+}
+
+// WithText - add a Text to the ArtifactContent
+func (t *ArtifactContent) WithText(text string) *ArtifactContent {
+	t.Text = &text
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/artifact_location.go

@@ -0,0 +1,56 @@
+package sarif
+
+// ArtifactLocation - Specifies the location of an artifact.
+type ArtifactLocation struct {
+	// A short description of the artifact location.
+	Description *Message `json:"description,omitempty"`
+
+	// The index within the run artifacts array of the artifact object associated with the artifact location.
+	Index int `json:"index"`
+
+	// Key/value pairs that provide additional information about the artifact location.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A string containing a valid relative or absolute URI.
+	URI *string `json:"uri,omitempty"`
+
+	// A string which indirectly specifies the absolute URI with respect to which a relative URI in the "uri" property is interpreted.
+	URIBaseID *string `json:"uriBaseId,omitempty"`
+}
+
+// NewArtifactLocation - creates a new
+func NewArtifactLocation() *ArtifactLocation {
+	return &ArtifactLocation{
+		Index: -1,
+	}
+}
+
+// WithDescription - add a Description to the ArtifactLocation
+func (d *ArtifactLocation) WithDescription(description *Message) *ArtifactLocation {
+	d.Description = description
+	return d
+}
+
+// WithIndex - add a Index to the ArtifactLocation
+func (i *ArtifactLocation) WithIndex(index int) *ArtifactLocation {
+	i.Index = index
+	return i
+}
+
+// WithProperties - add a Properties to the ArtifactLocation
+func (p *ArtifactLocation) WithProperties(properties *PropertyBag) *ArtifactLocation {
+	p.Properties = properties
+	return p
+}
+
+// WithURI - add a URI to the ArtifactLocation
+func (u *ArtifactLocation) WithURI(uri string) *ArtifactLocation {
+	u.URI = &uri
+	return u
+}
+
+// WithURIBaseID - add a URIBaseID to the ArtifactLocation
+func (u *ArtifactLocation) WithURIBaseID(uriBaseId string) *ArtifactLocation {
+	u.URIBaseID = &uriBaseId
+	return u
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/artifact_location_companion.go

@@ -0,0 +1,6 @@
+package sarif
+
+// NewSimpleArtifactLocation creates a new SimpleArtifactLocation and returns a pointer to it
+func NewSimpleArtifactLocation(uri string) *ArtifactLocation {
+	return NewArtifactLocation().WithURI(uri)
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/attachment.go

@@ -0,0 +1,69 @@
+package sarif
+
+// Attachment - An artifact relevant to a result.
+type Attachment struct {
+	// The location of the attachment.
+	ArtifactLocation *ArtifactLocation `json:"artifactLocation,omitempty"`
+
+	// A message describing the role played by the attachment.
+	Description *Message `json:"description,omitempty"`
+
+	// Key/value pairs that provide additional information about the attachment.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of rectangles specifying areas of interest within the image.
+	Rectangles []*Rectangle `json:"rectangles"`
+
+	// An array of regions of interest within the attachment.
+	Regions []*Region `json:"regions"`
+}
+
+// NewAttachment - creates a new
+func NewAttachment() *Attachment {
+	return &Attachment{
+		Rectangles: make([]*Rectangle, 0),
+		Regions:    make([]*Region, 0),
+	}
+}
+
+// WithArtifactLocation - add a ArtifactLocation to the Attachment
+func (a *Attachment) WithArtifactLocation(artifactLocation *ArtifactLocation) *Attachment {
+	a.ArtifactLocation = artifactLocation
+	return a
+}
+
+// WithDescription - add a Description to the Attachment
+func (d *Attachment) WithDescription(description *Message) *Attachment {
+	d.Description = description
+	return d
+}
+
+// WithProperties - add a Properties to the Attachment
+func (p *Attachment) WithProperties(properties *PropertyBag) *Attachment {
+	p.Properties = properties
+	return p
+}
+
+// WithRectangles - add a Rectangles to the Attachment
+func (r *Attachment) WithRectangles(rectangles []*Rectangle) *Attachment {
+	r.Rectangles = rectangles
+	return r
+}
+
+// AddRectangle - add a single Rectangle to the Attachment
+func (r *Attachment) AddRectangle(rectangle *Rectangle) *Attachment {
+	r.Rectangles = append(r.Rectangles, rectangle)
+	return r
+}
+
+// WithRegions - add a Regions to the Attachment
+func (r *Attachment) WithRegions(regions []*Region) *Attachment {
+	r.Regions = regions
+	return r
+}
+
+// AddRegion - add a single Region to the Attachment
+func (r *Attachment) AddRegion(region *Region) *Attachment {
+	r.Regions = append(r.Regions, region)
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/code_flow.go

@@ -0,0 +1,44 @@
+package sarif
+
+// CodeFlow - A set of threadFlows which together describe a pattern of code execution relevant to detecting a result.
+type CodeFlow struct {
+	// A message relevant to the code flow.
+	Message *Message `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the code flow.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of one or more unique threadFlow objects, each of which describes the progress of a program through a thread of execution.
+	ThreadFlows []*ThreadFlow `json:"threadFlows,omitempty"`
+}
+
+// NewCodeFlow - creates a new
+func NewCodeFlow() *CodeFlow {
+	return &CodeFlow{
+		ThreadFlows: make([]*ThreadFlow, 0),
+	}
+}
+
+// WithMessage - add a Message to the CodeFlow
+func (m *CodeFlow) WithMessage(message *Message) *CodeFlow {
+	m.Message = message
+	return m
+}
+
+// WithProperties - add a Properties to the CodeFlow
+func (p *CodeFlow) WithProperties(properties *PropertyBag) *CodeFlow {
+	p.Properties = properties
+	return p
+}
+
+// WithThreadFlows - add a ThreadFlows to the CodeFlow
+func (t *CodeFlow) WithThreadFlows(threadFlows []*ThreadFlow) *CodeFlow {
+	t.ThreadFlows = threadFlows
+	return t
+}
+
+// AddThreadFlow - add a single ThreadFlow to the CodeFlow
+func (t *CodeFlow) AddThreadFlow(threadFlow *ThreadFlow) *CodeFlow {
+	t.ThreadFlows = append(t.ThreadFlows, threadFlow)
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/configuration_override.go

@@ -0,0 +1,36 @@
+package sarif
+
+// ConfigurationOverride - Information about how a specific rule or notification was reconfigured at runtime.
+type ConfigurationOverride struct {
+	// Specifies how the rule or notification was configured during the scan.
+	Configuration *ReportingConfiguration `json:"configuration,omitempty"`
+
+	// A reference used to locate the descriptor whose configuration was overridden.
+	Descriptor *ReportingDescriptorReference `json:"descriptor,omitempty"`
+
+	// Key/value pairs that provide additional information about the configuration override.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewConfigurationOverride - creates a new
+func NewConfigurationOverride() *ConfigurationOverride {
+	return &ConfigurationOverride{}
+}
+
+// WithConfiguration - add a Configuration to the ConfigurationOverride
+func (c *ConfigurationOverride) WithConfiguration(configuration *ReportingConfiguration) *ConfigurationOverride {
+	c.Configuration = configuration
+	return c
+}
+
+// WithDescriptor - add a Descriptor to the ConfigurationOverride
+func (d *ConfigurationOverride) WithDescriptor(descriptor *ReportingDescriptorReference) *ConfigurationOverride {
+	d.Descriptor = descriptor
+	return d
+}
+
+// WithProperties - add a Properties to the ConfigurationOverride
+func (p *ConfigurationOverride) WithProperties(properties *PropertyBag) *ConfigurationOverride {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/conversion.go

@@ -0,0 +1,53 @@
+package sarif
+
+// Conversion - Describes how a converter transformed the output of a static analysis tool from the analysis tool's native output format into the SARIF format.
+type Conversion struct {
+	// The locations of the analysis tool's per-run log files.
+	AnalysisToolLogFiles []*ArtifactLocation `json:"analysisToolLogFiles"`
+
+	// An invocation object that describes the invocation of the converter.
+	Invocation *Invocation `json:"invocation,omitempty"`
+
+	// Key/value pairs that provide additional information about the conversion.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A tool object that describes the converter.
+	Tool *Tool `json:"tool,omitempty"`
+}
+
+// NewConversion - creates a new
+func NewConversion() *Conversion {
+	return &Conversion{
+		AnalysisToolLogFiles: make([]*ArtifactLocation, 0),
+	}
+}
+
+// WithAnalysisToolLogFiles - add a AnalysisToolLogFiles to the Conversion
+func (a *Conversion) WithAnalysisToolLogFiles(analysisToolLogFiles []*ArtifactLocation) *Conversion {
+	a.AnalysisToolLogFiles = analysisToolLogFiles
+	return a
+}
+
+// AddAnalysisToolLogFile - add a single AnalysisToolLogFile to the Conversion
+func (a *Conversion) AddAnalysisToolLogFile(analysisToolLogFile *ArtifactLocation) *Conversion {
+	a.AnalysisToolLogFiles = append(a.AnalysisToolLogFiles, analysisToolLogFile)
+	return a
+}
+
+// WithInvocation - add a Invocation to the Conversion
+func (i *Conversion) WithInvocation(invocation *Invocation) *Conversion {
+	i.Invocation = invocation
+	return i
+}
+
+// WithProperties - add a Properties to the Conversion
+func (p *Conversion) WithProperties(properties *PropertyBag) *Conversion {
+	p.Properties = properties
+	return p
+}
+
+// WithTool - add a Tool to the Conversion
+func (t *Conversion) WithTool(tool *Tool) *Conversion {
+	t.Tool = tool
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/edge.go

@@ -0,0 +1,54 @@
+package sarif
+
+// Edge - Represents a directed edge in a graph.
+type Edge struct {
+	// A string that uniquely identifies the edge within its graph.
+	ID *string `json:"id,omitempty"`
+
+	// A short description of the edge.
+	Label *Message `json:"label,omitempty"`
+
+	// Key/value pairs that provide additional information about the edge.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// Identifies the source node (the node at which the edge starts).
+	SourceNodeID *string `json:"sourceNodeId,omitempty"`
+
+	// Identifies the target node (the node at which the edge ends).
+	TargetNodeID *string `json:"targetNodeId,omitempty"`
+}
+
+// NewEdge - creates a new
+func NewEdge() *Edge {
+	return &Edge{}
+}
+
+// WithID - add a ID to the Edge
+func (i *Edge) WithID(id string) *Edge {
+	i.ID = &id
+	return i
+}
+
+// WithLabel - add a Label to the Edge
+func (l *Edge) WithLabel(label *Message) *Edge {
+	l.Label = label
+	return l
+}
+
+// WithProperties - add a Properties to the Edge
+func (p *Edge) WithProperties(properties *PropertyBag) *Edge {
+	p.Properties = properties
+	return p
+}
+
+// WithSourceNodeID - add a SourceNodeID to the Edge
+func (s *Edge) WithSourceNodeID(sourceNodeId string) *Edge {
+	s.SourceNodeID = &sourceNodeId
+	return s
+}
+
+// WithTargetNodeID - add a TargetNodeID to the Edge
+func (t *Edge) WithTargetNodeID(targetNodeId string) *Edge {
+	t.TargetNodeID = &targetNodeId
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/edge_traversal.go

@@ -0,0 +1,60 @@
+package sarif
+
+// EdgeTraversal - Represents the traversal of a single edge during a graph traversal.
+type EdgeTraversal struct {
+	// The values of relevant expressions after the edge has been traversed.
+	FinalState map[string]MultiformatMessageString `json:"finalState,omitempty"`
+
+	// Identifies the edge being traversed.
+	EdgeID *string `json:"edgeId,omitempty"`
+
+	// A message to display to the user as the edge is traversed.
+	Message *Message `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the edge traversal.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The number of edge traversals necessary to return from a nested graph.
+	StepOverEdgeCount *int `json:"stepOverEdgeCount,omitempty"`
+}
+
+// NewEdgeTraversal - creates a new
+func NewEdgeTraversal() *EdgeTraversal {
+	return &EdgeTraversal{}
+}
+
+// AddFinalState - add a single FinalState to the EdgeTraversal
+func (f *EdgeTraversal) AddFinalState(key string, finalState MultiformatMessageString) *EdgeTraversal {
+	f.FinalState[key] = finalState
+	return f
+}
+
+// WithFinalState - add a FinalState to the EdgeTraversal
+func (f *EdgeTraversal) WithFinalState(finalState map[string]MultiformatMessageString) *EdgeTraversal {
+	f.FinalState = finalState
+	return f
+}
+
+// WithEdgeID - add a EdgeID to the EdgeTraversal
+func (e *EdgeTraversal) WithEdgeID(edgeId string) *EdgeTraversal {
+	e.EdgeID = &edgeId
+	return e
+}
+
+// WithMessage - add a Message to the EdgeTraversal
+func (m *EdgeTraversal) WithMessage(message *Message) *EdgeTraversal {
+	m.Message = message
+	return m
+}
+
+// WithProperties - add a Properties to the EdgeTraversal
+func (p *EdgeTraversal) WithProperties(properties *PropertyBag) *EdgeTraversal {
+	p.Properties = properties
+	return p
+}
+
+// WithStepOverEdgeCount - add a StepOverEdgeCount to the EdgeTraversal
+func (s *EdgeTraversal) WithStepOverEdgeCount(stepOverEdgeCount int) *EdgeTraversal {
+	s.StepOverEdgeCount = &stepOverEdgeCount
+	return s
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/exception.go

@@ -0,0 +1,62 @@
+package sarif
+
+// Exception - Describes a runtime exception encountered during the execution of an analysis tool.
+type Exception struct {
+	// An array of exception objects each of which is considered a cause of this exception.
+	InnerExceptions []*Exception `json:"innerExceptions"`
+
+	// A string that identifies the kind of exception, for example, the fully qualified type name of an object that was thrown, or the symbolic name of a signal.
+	Kind *string `json:"kind,omitempty"`
+
+	// A message that describes the exception.
+	Message *string `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the exception.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The sequence of function calls leading to the exception.
+	Stack *Stack `json:"stack,omitempty"`
+}
+
+// NewException - creates a new
+func NewException() *Exception {
+	return &Exception{
+		InnerExceptions: make([]*Exception, 0),
+	}
+}
+
+// WithInnerExceptions - add a InnerExceptions to the Exception
+func (i *Exception) WithInnerExceptions(innerExceptions []*Exception) *Exception {
+	i.InnerExceptions = innerExceptions
+	return i
+}
+
+// AddInnerException - add a single InnerException to the Exception
+func (i *Exception) AddInnerException(innerException *Exception) *Exception {
+	i.InnerExceptions = append(i.InnerExceptions, innerException)
+	return i
+}
+
+// WithKind - add a Kind to the Exception
+func (k *Exception) WithKind(kind string) *Exception {
+	k.Kind = &kind
+	return k
+}
+
+// WithMessage - add a Message to the Exception
+func (m *Exception) WithMessage(message string) *Exception {
+	m.Message = &message
+	return m
+}
+
+// WithProperties - add a Properties to the Exception
+func (p *Exception) WithProperties(properties *PropertyBag) *Exception {
+	p.Properties = properties
+	return p
+}
+
+// WithStack - add a Stack to the Exception
+func (s *Exception) WithStack(stack *Stack) *Exception {
+	s.Stack = stack
+	return s
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/external_properties.go

@@ -0,0 +1,290 @@
+package sarif
+
+// ExternalProperties - The top-level element of an external property file.
+type ExternalProperties struct {
+	// Addresses that will be merged with a separate run.
+	Addresses []*Address `json:"addresses"`
+
+	// An array of artifact objects that will be merged with a separate run.
+	Artifacts []*Artifact `json:"artifacts,omitempty"`
+
+	// A conversion object that will be merged with a separate run.
+	Conversion *Conversion `json:"conversion,omitempty"`
+
+	// The analysis tool object that will be merged with a separate run.
+	Driver *ToolComponent `json:"driver,omitempty"`
+
+	// Tool extensions that will be merged with a separate run.
+	Extensions []*ToolComponent `json:"extensions"`
+
+	// Key/value pairs that provide additional information that will be merged with a separate run.
+	ExternalizedProperties *PropertyBag `json:"externalizedProperties,omitempty"`
+
+	// An array of graph objects that will be merged with a separate run.
+	Graphs []*Graph `json:"graphs"`
+
+	// A stable, unique identifier for this external properties object, in the form of a GUID.
+	GuID *string `json:"guid,omitempty"`
+
+	// Describes the invocation of the analysis tool that will be merged with a separate run.
+	Invocations []*Invocation `json:"invocations"`
+
+	// An array of logical locations such as namespaces, types or functions that will be merged with a separate run.
+	LogicalLocations []*LogicalLocation `json:"logicalLocations"`
+
+	// Tool policies that will be merged with a separate run.
+	Policies []*ToolComponent `json:"policies"`
+
+	// Key/value pairs that provide additional information about the external properties.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of result objects that will be merged with a separate run.
+	Results []*Result `json:"results"`
+
+	// A stable, unique identifier for the run associated with this external properties object, in the form of a GUID.
+	RunGuID *string `json:"runGuid,omitempty"`
+
+	// The URI of the JSON schema corresponding to the version of the external property file format.
+	Schema *string `json:"schema,omitempty"`
+
+	// Tool taxonomies that will be merged with a separate run.
+	Taxonomies []*ToolComponent `json:"taxonomies"`
+
+	// An array of threadFlowLocation objects that will be merged with a separate run.
+	ThreadFlowLocations []*ThreadFlowLocation `json:"threadFlowLocations"`
+
+	// Tool translations that will be merged with a separate run.
+	Translations []*ToolComponent `json:"translations"`
+
+	// The SARIF format version of this external properties object.
+	Version *string `json:"version,omitempty"`
+
+	// Requests that will be merged with a separate run.
+	WebRequests []*WebRequest `json:"webRequests"`
+
+	// Responses that will be merged with a separate run.
+	WebResponses []*WebResponse `json:"webResponses"`
+}
+
+// NewExternalProperties - creates a new
+func NewExternalProperties() *ExternalProperties {
+	return &ExternalProperties{
+		Addresses:           make([]*Address, 0),
+		Artifacts:           make([]*Artifact, 0),
+		Extensions:          make([]*ToolComponent, 0),
+		Graphs:              make([]*Graph, 0),
+		Invocations:         make([]*Invocation, 0),
+		LogicalLocations:    make([]*LogicalLocation, 0),
+		Policies:            make([]*ToolComponent, 0),
+		Results:             make([]*Result, 0),
+		Taxonomies:          make([]*ToolComponent, 0),
+		ThreadFlowLocations: make([]*ThreadFlowLocation, 0),
+		Translations:        make([]*ToolComponent, 0),
+		WebRequests:         make([]*WebRequest, 0),
+		WebResponses:        make([]*WebResponse, 0),
+	}
+}
+
+// WithAddresses - add a Addresses to the ExternalProperties
+func (a *ExternalProperties) WithAddresses(addresses []*Address) *ExternalProperties {
+	a.Addresses = addresses
+	return a
+}
+
+// AddAddresse - add a single Addresse to the ExternalProperties
+func (a *ExternalProperties) AddAddresse(addresse *Address) *ExternalProperties {
+	a.Addresses = append(a.Addresses, addresse)
+	return a
+}
+
+// WithArtifacts - add a Artifacts to the ExternalProperties
+func (a *ExternalProperties) WithArtifacts(artifacts []*Artifact) *ExternalProperties {
+	a.Artifacts = artifacts
+	return a
+}
+
+// AddArtifact - add a single Artifact to the ExternalProperties
+func (a *ExternalProperties) AddArtifact(artifact *Artifact) *ExternalProperties {
+	a.Artifacts = append(a.Artifacts, artifact)
+	return a
+}
+
+// WithConversion - add a Conversion to the ExternalProperties
+func (c *ExternalProperties) WithConversion(conversion *Conversion) *ExternalProperties {
+	c.Conversion = conversion
+	return c
+}
+
+// WithDriver - add a Driver to the ExternalProperties
+func (d *ExternalProperties) WithDriver(driver *ToolComponent) *ExternalProperties {
+	d.Driver = driver
+	return d
+}
+
+// WithExtensions - add a Extensions to the ExternalProperties
+func (e *ExternalProperties) WithExtensions(extensions []*ToolComponent) *ExternalProperties {
+	e.Extensions = extensions
+	return e
+}
+
+// AddExtension - add a single Extension to the ExternalProperties
+func (e *ExternalProperties) AddExtension(extension *ToolComponent) *ExternalProperties {
+	e.Extensions = append(e.Extensions, extension)
+	return e
+}
+
+// WithExternalizedProperties - add a ExternalizedProperties to the ExternalProperties
+func (e *ExternalProperties) WithExternalizedProperties(externalizedProperties *PropertyBag) *ExternalProperties {
+	e.ExternalizedProperties = externalizedProperties
+	return e
+}
+
+// WithGraphs - add a Graphs to the ExternalProperties
+func (g *ExternalProperties) WithGraphs(graphs []*Graph) *ExternalProperties {
+	g.Graphs = graphs
+	return g
+}
+
+// AddGraph - add a single Graph to the ExternalProperties
+func (g *ExternalProperties) AddGraph(graph *Graph) *ExternalProperties {
+	g.Graphs = append(g.Graphs, graph)
+	return g
+}
+
+// WithGuID - add a GuID to the ExternalProperties
+func (g *ExternalProperties) WithGuID(guid string) *ExternalProperties {
+	g.GuID = &guid
+	return g
+}
+
+// WithInvocations - add a Invocations to the ExternalProperties
+func (i *ExternalProperties) WithInvocations(invocations []*Invocation) *ExternalProperties {
+	i.Invocations = invocations
+	return i
+}
+
+// AddInvocation - add a single Invocation to the ExternalProperties
+func (i *ExternalProperties) AddInvocation(invocation *Invocation) *ExternalProperties {
+	i.Invocations = append(i.Invocations, invocation)
+	return i
+}
+
+// WithLogicalLocations - add a LogicalLocations to the ExternalProperties
+func (l *ExternalProperties) WithLogicalLocations(logicalLocations []*LogicalLocation) *ExternalProperties {
+	l.LogicalLocations = logicalLocations
+	return l
+}
+
+// AddLogicalLocation - add a single LogicalLocation to the ExternalProperties
+func (l *ExternalProperties) AddLogicalLocation(logicalLocation *LogicalLocation) *ExternalProperties {
+	l.LogicalLocations = append(l.LogicalLocations, logicalLocation)
+	return l
+}
+
+// WithPolicies - add a Policies to the ExternalProperties
+func (p *ExternalProperties) WithPolicies(policies []*ToolComponent) *ExternalProperties {
+	p.Policies = policies
+	return p
+}
+
+// AddPolicie - add a single Policie to the ExternalProperties
+func (p *ExternalProperties) AddPolicie(policie *ToolComponent) *ExternalProperties {
+	p.Policies = append(p.Policies, policie)
+	return p
+}
+
+// WithProperties - add a Properties to the ExternalProperties
+func (p *ExternalProperties) WithProperties(properties *PropertyBag) *ExternalProperties {
+	p.Properties = properties
+	return p
+}
+
+// WithResults - add a Results to the ExternalProperties
+func (r *ExternalProperties) WithResults(results []*Result) *ExternalProperties {
+	r.Results = results
+	return r
+}
+
+// AddResult - add a single Result to the ExternalProperties
+func (r *ExternalProperties) AddResult(result *Result) *ExternalProperties {
+	r.Results = append(r.Results, result)
+	return r
+}
+
+// WithRunGuID - add a RunGuID to the ExternalProperties
+func (r *ExternalProperties) WithRunGuID(runGuid string) *ExternalProperties {
+	r.RunGuID = &runGuid
+	return r
+}
+
+// WithSchema - add a Schema to the ExternalProperties
+func (s *ExternalProperties) WithSchema(schema string) *ExternalProperties {
+	s.Schema = &schema
+	return s
+}
+
+// WithTaxonomies - add a Taxonomies to the ExternalProperties
+func (t *ExternalProperties) WithTaxonomies(taxonomies []*ToolComponent) *ExternalProperties {
+	t.Taxonomies = taxonomies
+	return t
+}
+
+// AddTaxonomie - add a single Taxonomie to the ExternalProperties
+func (t *ExternalProperties) AddTaxonomie(taxonomie *ToolComponent) *ExternalProperties {
+	t.Taxonomies = append(t.Taxonomies, taxonomie)
+	return t
+}
+
+// WithThreadFlowLocations - add a ThreadFlowLocations to the ExternalProperties
+func (t *ExternalProperties) WithThreadFlowLocations(threadFlowLocations []*ThreadFlowLocation) *ExternalProperties {
+	t.ThreadFlowLocations = threadFlowLocations
+	return t
+}
+
+// AddThreadFlowLocation - add a single ThreadFlowLocation to the ExternalProperties
+func (t *ExternalProperties) AddThreadFlowLocation(threadFlowLocation *ThreadFlowLocation) *ExternalProperties {
+	t.ThreadFlowLocations = append(t.ThreadFlowLocations, threadFlowLocation)
+	return t
+}
+
+// WithTranslations - add a Translations to the ExternalProperties
+func (t *ExternalProperties) WithTranslations(translations []*ToolComponent) *ExternalProperties {
+	t.Translations = translations
+	return t
+}
+
+// AddTranslation - add a single Translation to the ExternalProperties
+func (t *ExternalProperties) AddTranslation(translation *ToolComponent) *ExternalProperties {
+	t.Translations = append(t.Translations, translation)
+	return t
+}
+
+// WithVersion - add a Version to the ExternalProperties
+func (v *ExternalProperties) WithVersion(version string) *ExternalProperties {
+	v.Version = &version
+	return v
+}
+
+// WithWebRequests - add a WebRequests to the ExternalProperties
+func (w *ExternalProperties) WithWebRequests(webRequests []*WebRequest) *ExternalProperties {
+	w.WebRequests = webRequests
+	return w
+}
+
+// AddWebRequest - add a single WebRequest to the ExternalProperties
+func (w *ExternalProperties) AddWebRequest(webRequest *WebRequest) *ExternalProperties {
+	w.WebRequests = append(w.WebRequests, webRequest)
+	return w
+}
+
+// WithWebResponses - add a WebResponses to the ExternalProperties
+func (w *ExternalProperties) WithWebResponses(webResponses []*WebResponse) *ExternalProperties {
+	w.WebResponses = webResponses
+	return w
+}
+
+// AddWebResponse - add a single WebResponse to the ExternalProperties
+func (w *ExternalProperties) AddWebResponse(webResponse *WebResponse) *ExternalProperties {
+	w.WebResponses = append(w.WebResponses, webResponse)
+	return w
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/external_property_file_reference.go

@@ -0,0 +1,47 @@
+package sarif
+
+// ExternalPropertyFileReference - Contains information that enables a SARIF consumer to locate the external property file that contains the value of an externalized property associated with the run.
+type ExternalPropertyFileReference struct {
+	// A stable, unique identifier for the external property file in the form of a GUID.
+	GuID *string `json:"guid,omitempty"`
+
+	// A non-negative integer specifying the number of items contained in the external property file.
+	ItemCount int `json:"itemCount"`
+
+	// The location of the external property file.
+	Location *ArtifactLocation `json:"location,omitempty"`
+
+	// Key/value pairs that provide additional information about the external property file.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewExternalPropertyFileReference - creates a new
+func NewExternalPropertyFileReference() *ExternalPropertyFileReference {
+	return &ExternalPropertyFileReference{
+		ItemCount: -1,
+	}
+}
+
+// WithGuID - add a GuID to the ExternalPropertyFileReference
+func (g *ExternalPropertyFileReference) WithGuID(guid string) *ExternalPropertyFileReference {
+	g.GuID = &guid
+	return g
+}
+
+// WithItemCount - add a ItemCount to the ExternalPropertyFileReference
+func (i *ExternalPropertyFileReference) WithItemCount(itemCount int) *ExternalPropertyFileReference {
+	i.ItemCount = itemCount
+	return i
+}
+
+// WithLocation - add a Location to the ExternalPropertyFileReference
+func (l *ExternalPropertyFileReference) WithLocation(location *ArtifactLocation) *ExternalPropertyFileReference {
+	l.Location = location
+	return l
+}
+
+// WithProperties - add a Properties to the ExternalPropertyFileReference
+func (p *ExternalPropertyFileReference) WithProperties(properties *PropertyBag) *ExternalPropertyFileReference {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/external_property_file_references.go

@@ -0,0 +1,254 @@
+package sarif
+
+// ExternalPropertyFileReferences - References to external property files that should be inlined with the content of a root log file.
+type ExternalPropertyFileReferences struct {
+	// An array of external property files containing run.addresses arrays to be merged with the root log file.
+	Addresses []*ExternalPropertyFileReference `json:"addresses"`
+
+	// An array of external property files containing run.artifacts arrays to be merged with the root log file.
+	Artifacts []*ExternalPropertyFileReference `json:"artifacts"`
+
+	// An external property file containing a run.conversion object to be merged with the root log file.
+	Conversion *ExternalPropertyFileReference `json:"conversion,omitempty"`
+
+	// An external property file containing a run.driver object to be merged with the root log file.
+	Driver *ExternalPropertyFileReference `json:"driver,omitempty"`
+
+	// An array of external property files containing run.extensions arrays to be merged with the root log file.
+	Extensions []*ExternalPropertyFileReference `json:"extensions"`
+
+	// An external property file containing a run.properties object to be merged with the root log file.
+	ExternalizedProperties *ExternalPropertyFileReference `json:"externalizedProperties,omitempty"`
+
+	// An array of external property files containing a run.graphs object to be merged with the root log file.
+	Graphs []*ExternalPropertyFileReference `json:"graphs"`
+
+	// An array of external property files containing run.invocations arrays to be merged with the root log file.
+	Invocations []*ExternalPropertyFileReference `json:"invocations"`
+
+	// An array of external property files containing run.logicalLocations arrays to be merged with the root log file.
+	LogicalLocations []*ExternalPropertyFileReference `json:"logicalLocations"`
+
+	// An array of external property files containing run.policies arrays to be merged with the root log file.
+	Policies []*ExternalPropertyFileReference `json:"policies"`
+
+	// Key/value pairs that provide additional information about the external property files.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of external property files containing run.results arrays to be merged with the root log file.
+	Results []*ExternalPropertyFileReference `json:"results"`
+
+	// An array of external property files containing run.taxonomies arrays to be merged with the root log file.
+	Taxonomies []*ExternalPropertyFileReference `json:"taxonomies"`
+
+	// An array of external property files containing run.threadFlowLocations arrays to be merged with the root log file.
+	ThreadFlowLocations []*ExternalPropertyFileReference `json:"threadFlowLocations"`
+
+	// An array of external property files containing run.translations arrays to be merged with the root log file.
+	Translations []*ExternalPropertyFileReference `json:"translations"`
+
+	// An array of external property files containing run.requests arrays to be merged with the root log file.
+	WebRequests []*ExternalPropertyFileReference `json:"webRequests"`
+
+	// An array of external property files containing run.responses arrays to be merged with the root log file.
+	WebResponses []*ExternalPropertyFileReference `json:"webResponses"`
+}
+
+// NewExternalPropertyFileReferences - creates a new
+func NewExternalPropertyFileReferences() *ExternalPropertyFileReferences {
+	return &ExternalPropertyFileReferences{
+		Addresses:           make([]*ExternalPropertyFileReference, 0),
+		Artifacts:           make([]*ExternalPropertyFileReference, 0),
+		Extensions:          make([]*ExternalPropertyFileReference, 0),
+		Graphs:              make([]*ExternalPropertyFileReference, 0),
+		Invocations:         make([]*ExternalPropertyFileReference, 0),
+		LogicalLocations:    make([]*ExternalPropertyFileReference, 0),
+		Policies:            make([]*ExternalPropertyFileReference, 0),
+		Results:             make([]*ExternalPropertyFileReference, 0),
+		Taxonomies:          make([]*ExternalPropertyFileReference, 0),
+		ThreadFlowLocations: make([]*ExternalPropertyFileReference, 0),
+		Translations:        make([]*ExternalPropertyFileReference, 0),
+		WebRequests:         make([]*ExternalPropertyFileReference, 0),
+		WebResponses:        make([]*ExternalPropertyFileReference, 0),
+	}
+}
+
+// WithAddresses - add a Addresses to the ExternalPropertyFileReferences
+func (a *ExternalPropertyFileReferences) WithAddresses(addresses []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	a.Addresses = addresses
+	return a
+}
+
+// AddAddresse - add a single Addresse to the ExternalPropertyFileReferences
+func (a *ExternalPropertyFileReferences) AddAddresse(addresse *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	a.Addresses = append(a.Addresses, addresse)
+	return a
+}
+
+// WithArtifacts - add a Artifacts to the ExternalPropertyFileReferences
+func (a *ExternalPropertyFileReferences) WithArtifacts(artifacts []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	a.Artifacts = artifacts
+	return a
+}
+
+// AddArtifact - add a single Artifact to the ExternalPropertyFileReferences
+func (a *ExternalPropertyFileReferences) AddArtifact(artifact *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	a.Artifacts = append(a.Artifacts, artifact)
+	return a
+}
+
+// WithConversion - add a Conversion to the ExternalPropertyFileReferences
+func (c *ExternalPropertyFileReferences) WithConversion(conversion *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	c.Conversion = conversion
+	return c
+}
+
+// WithDriver - add a Driver to the ExternalPropertyFileReferences
+func (d *ExternalPropertyFileReferences) WithDriver(driver *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	d.Driver = driver
+	return d
+}
+
+// WithExtensions - add a Extensions to the ExternalPropertyFileReferences
+func (e *ExternalPropertyFileReferences) WithExtensions(extensions []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	e.Extensions = extensions
+	return e
+}
+
+// AddExtension - add a single Extension to the ExternalPropertyFileReferences
+func (e *ExternalPropertyFileReferences) AddExtension(extension *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	e.Extensions = append(e.Extensions, extension)
+	return e
+}
+
+// WithExternalizedProperties - add a ExternalizedProperties to the ExternalPropertyFileReferences
+func (e *ExternalPropertyFileReferences) WithExternalizedProperties(externalizedProperties *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	e.ExternalizedProperties = externalizedProperties
+	return e
+}
+
+// WithGraphs - add a Graphs to the ExternalPropertyFileReferences
+func (g *ExternalPropertyFileReferences) WithGraphs(graphs []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	g.Graphs = graphs
+	return g
+}
+
+// AddGraph - add a single Graph to the ExternalPropertyFileReferences
+func (g *ExternalPropertyFileReferences) AddGraph(graph *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	g.Graphs = append(g.Graphs, graph)
+	return g
+}
+
+// WithInvocations - add a Invocations to the ExternalPropertyFileReferences
+func (i *ExternalPropertyFileReferences) WithInvocations(invocations []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	i.Invocations = invocations
+	return i
+}
+
+// AddInvocation - add a single Invocation to the ExternalPropertyFileReferences
+func (i *ExternalPropertyFileReferences) AddInvocation(invocation *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	i.Invocations = append(i.Invocations, invocation)
+	return i
+}
+
+// WithLogicalLocations - add a LogicalLocations to the ExternalPropertyFileReferences
+func (l *ExternalPropertyFileReferences) WithLogicalLocations(logicalLocations []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	l.LogicalLocations = logicalLocations
+	return l
+}
+
+// AddLogicalLocation - add a single LogicalLocation to the ExternalPropertyFileReferences
+func (l *ExternalPropertyFileReferences) AddLogicalLocation(logicalLocation *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	l.LogicalLocations = append(l.LogicalLocations, logicalLocation)
+	return l
+}
+
+// WithPolicies - add a Policies to the ExternalPropertyFileReferences
+func (p *ExternalPropertyFileReferences) WithPolicies(policies []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	p.Policies = policies
+	return p
+}
+
+// AddPolicie - add a single Policie to the ExternalPropertyFileReferences
+func (p *ExternalPropertyFileReferences) AddPolicie(policie *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	p.Policies = append(p.Policies, policie)
+	return p
+}
+
+// WithProperties - add a Properties to the ExternalPropertyFileReferences
+func (p *ExternalPropertyFileReferences) WithProperties(properties *PropertyBag) *ExternalPropertyFileReferences {
+	p.Properties = properties
+	return p
+}
+
+// WithResults - add a Results to the ExternalPropertyFileReferences
+func (r *ExternalPropertyFileReferences) WithResults(results []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	r.Results = results
+	return r
+}
+
+// AddResult - add a single Result to the ExternalPropertyFileReferences
+func (r *ExternalPropertyFileReferences) AddResult(result *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	r.Results = append(r.Results, result)
+	return r
+}
+
+// WithTaxonomies - add a Taxonomies to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) WithTaxonomies(taxonomies []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.Taxonomies = taxonomies
+	return t
+}
+
+// AddTaxonomie - add a single Taxonomie to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) AddTaxonomie(taxonomie *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.Taxonomies = append(t.Taxonomies, taxonomie)
+	return t
+}
+
+// WithThreadFlowLocations - add a ThreadFlowLocations to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) WithThreadFlowLocations(threadFlowLocations []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.ThreadFlowLocations = threadFlowLocations
+	return t
+}
+
+// AddThreadFlowLocation - add a single ThreadFlowLocation to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) AddThreadFlowLocation(threadFlowLocation *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.ThreadFlowLocations = append(t.ThreadFlowLocations, threadFlowLocation)
+	return t
+}
+
+// WithTranslations - add a Translations to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) WithTranslations(translations []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.Translations = translations
+	return t
+}
+
+// AddTranslation - add a single Translation to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) AddTranslation(translation *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.Translations = append(t.Translations, translation)
+	return t
+}
+
+// WithWebRequests - add a WebRequests to the ExternalPropertyFileReferences
+func (w *ExternalPropertyFileReferences) WithWebRequests(webRequests []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	w.WebRequests = webRequests
+	return w
+}
+
+// AddWebRequest - add a single WebRequest to the ExternalPropertyFileReferences
+func (w *ExternalPropertyFileReferences) AddWebRequest(webRequest *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	w.WebRequests = append(w.WebRequests, webRequest)
+	return w
+}
+
+// WithWebResponses - add a WebResponses to the ExternalPropertyFileReferences
+func (w *ExternalPropertyFileReferences) WithWebResponses(webResponses []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	w.WebResponses = webResponses
+	return w
+}
+
+// AddWebResponse - add a single WebResponse to the ExternalPropertyFileReferences
+func (w *ExternalPropertyFileReferences) AddWebResponse(webResponse *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	w.WebResponses = append(w.WebResponses, webResponse)
+	return w
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/fix.go

@@ -0,0 +1,44 @@
+package sarif
+
+// Fix - A proposed fix for the problem represented by a result object. A fix specifies a set of artifacts to modify. For each artifact, it specifies a set of bytes to remove, and provides a set of new bytes to replace them.
+type Fix struct {
+	// One or more artifact changes that comprise a fix for a result.
+	ArtifactChanges []*ArtifactChange `json:"artifactChanges,omitempty"`
+
+	// A message that describes the proposed fix, enabling viewers to present the proposed change to an end user.
+	Description *Message `json:"description,omitempty"`
+
+	// Key/value pairs that provide additional information about the fix.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewFix - creates a new
+func NewFix() *Fix {
+	return &Fix{
+		ArtifactChanges: make([]*ArtifactChange, 0),
+	}
+}
+
+// WithArtifactChanges - add a ArtifactChanges to the Fix
+func (a *Fix) WithArtifactChanges(artifactChanges []*ArtifactChange) *Fix {
+	a.ArtifactChanges = artifactChanges
+	return a
+}
+
+// AddArtifactChange - add a single ArtifactChange to the Fix
+func (a *Fix) AddArtifactChange(artifactChange *ArtifactChange) *Fix {
+	a.ArtifactChanges = append(a.ArtifactChanges, artifactChange)
+	return a
+}
+
+// WithDescription - add a Description to the Fix
+func (d *Fix) WithDescription(description *Message) *Fix {
+	d.Description = description
+	return d
+}
+
+// WithProperties - add a Properties to the Fix
+func (p *Fix) WithProperties(properties *PropertyBag) *Fix {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/graph.go

@@ -0,0 +1,60 @@
+package sarif
+
+// Graph - A network of nodes and directed edges that describes some aspect of the structure of the code (for example, a call graph).
+type Graph struct {
+	// A description of the graph.
+	Description *Message `json:"description,omitempty"`
+
+	// An array of edge objects representing the edges of the graph.
+	Edges []*Edge `json:"edges"`
+
+	// An array of node objects representing the nodes of the graph.
+	Nodes []*Node `json:"nodes"`
+
+	// Key/value pairs that provide additional information about the graph.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewGraph - creates a new
+func NewGraph() *Graph {
+	return &Graph{
+		Edges: make([]*Edge, 0),
+		Nodes: make([]*Node, 0),
+	}
+}
+
+// WithDescription - add a Description to the Graph
+func (d *Graph) WithDescription(description *Message) *Graph {
+	d.Description = description
+	return d
+}
+
+// WithEdges - add a Edges to the Graph
+func (e *Graph) WithEdges(edges []*Edge) *Graph {
+	e.Edges = edges
+	return e
+}
+
+// AddEdge - add a single Edge to the Graph
+func (e *Graph) AddEdge(edge *Edge) *Graph {
+	e.Edges = append(e.Edges, edge)
+	return e
+}
+
+// WithNodes - add a Nodes to the Graph
+func (n *Graph) WithNodes(nodes []*Node) *Graph {
+	n.Nodes = nodes
+	return n
+}
+
+// AddNode - add a single Node to the Graph
+func (n *Graph) AddNode(node *Node) *Graph {
+	n.Nodes = append(n.Nodes, node)
+	return n
+}
+
+// WithProperties - add a Properties to the Graph
+func (p *Graph) WithProperties(properties *PropertyBag) *Graph {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/graph_traversal.go

@@ -0,0 +1,94 @@
+package sarif
+
+// GraphTraversal - Represents a path through a graph.
+type GraphTraversal struct {
+	// Values of relevant expressions at the start of the graph traversal that may change during graph traversal.
+	InitialState map[string]MultiformatMessageString `json:"initialState,omitempty"`
+
+	// Values of relevant expressions at the start of the graph traversal that remain constant for the graph traversal.
+	ImmutableState map[string]MultiformatMessageString `json:"immutableState,omitempty"`
+
+	// A description of this graph traversal.
+	Description *Message `json:"description,omitempty"`
+
+	// The sequences of edges traversed by this graph traversal.
+	EdgeTraversals []*EdgeTraversal `json:"edgeTraversals"`
+
+	// Key/value pairs that provide additional information about the graph traversal.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The index within the result.graphs to be associated with the result.
+	ResultGraphIndex int `json:"resultGraphIndex"`
+
+	// The index within the run.graphs to be associated with the result.
+	RunGraphIndex int `json:"runGraphIndex"`
+}
+
+// NewGraphTraversal - creates a new
+func NewGraphTraversal() *GraphTraversal {
+	return &GraphTraversal{
+		EdgeTraversals:   make([]*EdgeTraversal, 0),
+		ResultGraphIndex: -1,
+		RunGraphIndex:    -1,
+	}
+}
+
+// AddInitialState - add a single InitialState to the GraphTraversal
+func (i *GraphTraversal) AddInitialState(key string, initialState MultiformatMessageString) *GraphTraversal {
+	i.InitialState[key] = initialState
+	return i
+}
+
+// WithInitialState - add a InitialState to the GraphTraversal
+func (i *GraphTraversal) WithInitialState(initialState map[string]MultiformatMessageString) *GraphTraversal {
+	i.InitialState = initialState
+	return i
+}
+
+// AddImmutableState - add a single ImmutableState to the GraphTraversal
+func (i *GraphTraversal) AddImmutableState(key string, immutableState MultiformatMessageString) *GraphTraversal {
+	i.ImmutableState[key] = immutableState
+	return i
+}
+
+// WithImmutableState - add a ImmutableState to the GraphTraversal
+func (i *GraphTraversal) WithImmutableState(immutableState map[string]MultiformatMessageString) *GraphTraversal {
+	i.ImmutableState = immutableState
+	return i
+}
+
+// WithDescription - add a Description to the GraphTraversal
+func (d *GraphTraversal) WithDescription(description *Message) *GraphTraversal {
+	d.Description = description
+	return d
+}
+
+// WithEdgeTraversals - add a EdgeTraversals to the GraphTraversal
+func (e *GraphTraversal) WithEdgeTraversals(edgeTraversals []*EdgeTraversal) *GraphTraversal {
+	e.EdgeTraversals = edgeTraversals
+	return e
+}
+
+// AddEdgeTraversal - add a single EdgeTraversal to the GraphTraversal
+func (e *GraphTraversal) AddEdgeTraversal(edgeTraversal *EdgeTraversal) *GraphTraversal {
+	e.EdgeTraversals = append(e.EdgeTraversals, edgeTraversal)
+	return e
+}
+
+// WithProperties - add a Properties to the GraphTraversal
+func (p *GraphTraversal) WithProperties(properties *PropertyBag) *GraphTraversal {
+	p.Properties = properties
+	return p
+}
+
+// WithResultGraphIndex - add a ResultGraphIndex to the GraphTraversal
+func (r *GraphTraversal) WithResultGraphIndex(resultGraphIndex int) *GraphTraversal {
+	r.ResultGraphIndex = resultGraphIndex
+	return r
+}
+
+// WithRunGraphIndex - add a RunGraphIndex to the GraphTraversal
+func (r *GraphTraversal) WithRunGraphIndex(runGraphIndex int) *GraphTraversal {
+	r.RunGraphIndex = runGraphIndex
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/invocation.go

@@ -0,0 +1,292 @@
+package sarif
+
+// Invocation - The runtime environment of the analysis tool run.
+type Invocation struct {
+	// The environment variables associated with the analysis tool process, expressed as key/value pairs.
+	EnvironmentVariables map[string]string `json:"environmentVariables,omitempty"`
+
+	// The account under which the invocation occurred.
+	Account *string `json:"account,omitempty"`
+
+	// An array of strings, containing in order the command line arguments passed to the tool from the operating system.
+	Arguments []string `json:"arguments,omitempty"`
+
+	// The command line used to invoke the tool.
+	CommandLine *string `json:"commandLine,omitempty"`
+
+	// The Coordinated Universal Time (UTC) date and time at which the invocation ended. See "Date/time properties" in the SARIF spec for the required format.
+	EndTimeUtc *string `json:"endTimeUtc,omitempty"`
+
+	// An absolute URI specifying the location of the executable that was invoked.
+	ExecutableLocation *ArtifactLocation `json:"executableLocation,omitempty"`
+
+	// Specifies whether the tool's execution completed successfully.
+	ExecutionSuccessful *bool `json:"executionSuccessful,omitempty"`
+
+	// The process exit code.
+	ExitCode *int `json:"exitCode,omitempty"`
+
+	// The reason for the process exit.
+	ExitCodeDescription *string `json:"exitCodeDescription,omitempty"`
+
+	// The name of the signal that caused the process to exit.
+	ExitSignalName *string `json:"exitSignalName,omitempty"`
+
+	// The numeric value of the signal that caused the process to exit.
+	ExitSignalNumber *int `json:"exitSignalNumber,omitempty"`
+
+	// The machine on which the invocation occurred.
+	Machine *string `json:"machine,omitempty"`
+
+	// An array of configurationOverride objects that describe notifications related runtime overrides.
+	NotificationConfigurationOverrides []*ConfigurationOverride `json:"notificationConfigurationOverrides"`
+
+	// The id of the process in which the invocation occurred.
+	ProcessID *int `json:"processId,omitempty"`
+
+	// The reason given by the operating system that the process failed to start.
+	ProcessStartFailureMessage *string `json:"processStartFailureMessage,omitempty"`
+
+	// Key/value pairs that provide additional information about the invocation.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The locations of any response files specified on the tool's command line.
+	ResponseFiles []*ArtifactLocation `json:"responseFiles,omitempty"`
+
+	// An array of configurationOverride objects that describe rules related runtime overrides.
+	RuleConfigurationOverrides []*ConfigurationOverride `json:"ruleConfigurationOverrides"`
+
+	// The Coordinated Universal Time (UTC) date and time at which the invocation started. See "Date/time properties" in the SARIF spec for the required format.
+	StartTimeUtc *string `json:"startTimeUtc,omitempty"`
+
+	// A file containing the standard error stream from the process that was invoked.
+	Stderr *ArtifactLocation `json:"stderr,omitempty"`
+
+	// A file containing the standard input stream to the process that was invoked.
+	Stdin *ArtifactLocation `json:"stdin,omitempty"`
+
+	// A file containing the standard output stream from the process that was invoked.
+	Stdout *ArtifactLocation `json:"stdout,omitempty"`
+
+	// A file containing the interleaved standard output and standard error stream from the process that was invoked.
+	StdoutStderr *ArtifactLocation `json:"stdoutStderr,omitempty"`
+
+	// A list of conditions detected by the tool that are relevant to the tool's configuration.
+	ToolConfigurationNotifications []*Notification `json:"toolConfigurationNotifications"`
+
+	// A list of runtime conditions detected by the tool during the analysis.
+	ToolExecutionNotifications []*Notification `json:"toolExecutionNotifications"`
+
+	// The working directory for the invocation.
+	WorkingDirectory *ArtifactLocation `json:"workingDirectory,omitempty"`
+}
+
+// NewInvocation - creates a new
+func NewInvocation() *Invocation {
+	return &Invocation{
+		Arguments:                          make([]string, 0),
+		NotificationConfigurationOverrides: make([]*ConfigurationOverride, 0),
+		ResponseFiles:                      make([]*ArtifactLocation, 0),
+		RuleConfigurationOverrides:         make([]*ConfigurationOverride, 0),
+		ToolConfigurationNotifications:     make([]*Notification, 0),
+		ToolExecutionNotifications:         make([]*Notification, 0),
+	}
+}
+
+// AddEnvironmentVariable - add a single EnvironmentVariable to the Invocation
+func (e *Invocation) AddEnvironmentVariable(key, environmentVariable string) *Invocation {
+	e.EnvironmentVariables[key] = environmentVariable
+	return e
+}
+
+// WithEnvironmentVariables - add a EnvironmentVariables to the Invocation
+func (e *Invocation) WithEnvironmentVariables(environmentVariables map[string]string) *Invocation {
+	e.EnvironmentVariables = environmentVariables
+	return e
+}
+
+// WithAccount - add a Account to the Invocation
+func (a *Invocation) WithAccount(account string) *Invocation {
+	a.Account = &account
+	return a
+}
+
+// WithArguments - add a Arguments to the Invocation
+func (a *Invocation) WithArguments(arguments []string) *Invocation {
+	a.Arguments = arguments
+	return a
+}
+
+// AddArgument - add a single Argument to the Invocation
+func (a *Invocation) AddArgument(argument string) *Invocation {
+	a.Arguments = append(a.Arguments, argument)
+	return a
+}
+
+// WithCommandLine - add a CommandLine to the Invocation
+func (c *Invocation) WithCommandLine(commandLine string) *Invocation {
+	c.CommandLine = &commandLine
+	return c
+}
+
+// WithEndTimeUtc - add a EndTimeUtc to the Invocation
+func (e *Invocation) WithEndTimeUtc(endTimeUtc string) *Invocation {
+	e.EndTimeUtc = &endTimeUtc
+	return e
+}
+
+// WithExecutableLocation - add a ExecutableLocation to the Invocation
+func (e *Invocation) WithExecutableLocation(executableLocation *ArtifactLocation) *Invocation {
+	e.ExecutableLocation = executableLocation
+	return e
+}
+
+// WithExecutionSuccessful - add a ExecutionSuccessful to the Invocation
+func (e *Invocation) WithExecutionSuccessful(executionSuccessful bool) *Invocation {
+	e.ExecutionSuccessful = &executionSuccessful
+	return e
+}
+
+// WithExitCode - add a ExitCode to the Invocation
+func (e *Invocation) WithExitCode(exitCode int) *Invocation {
+	e.ExitCode = &exitCode
+	return e
+}
+
+// WithExitCodeDescription - add a ExitCodeDescription to the Invocation
+func (e *Invocation) WithExitCodeDescription(exitCodeDescription string) *Invocation {
+	e.ExitCodeDescription = &exitCodeDescription
+	return e
+}
+
+// WithExitSignalName - add a ExitSignalName to the Invocation
+func (e *Invocation) WithExitSignalName(exitSignalName string) *Invocation {
+	e.ExitSignalName = &exitSignalName
+	return e
+}
+
+// WithExitSignalNumber - add a ExitSignalNumber to the Invocation
+func (e *Invocation) WithExitSignalNumber(exitSignalNumber int) *Invocation {
+	e.ExitSignalNumber = &exitSignalNumber
+	return e
+}
+
+// WithMachine - add a Machine to the Invocation
+func (m *Invocation) WithMachine(machine string) *Invocation {
+	m.Machine = &machine
+	return m
+}
+
+// WithNotificationConfigurationOverrides - add a NotificationConfigurationOverrides to the Invocation
+func (n *Invocation) WithNotificationConfigurationOverrides(notificationConfigurationOverrides []*ConfigurationOverride) *Invocation {
+	n.NotificationConfigurationOverrides = notificationConfigurationOverrides
+	return n
+}
+
+// AddNotificationConfigurationOverride - add a single NotificationConfigurationOverride to the Invocation
+func (n *Invocation) AddNotificationConfigurationOverride(notificationConfigurationOverride *ConfigurationOverride) *Invocation {
+	n.NotificationConfigurationOverrides = append(n.NotificationConfigurationOverrides, notificationConfigurationOverride)
+	return n
+}
+
+// WithProcessID - add a ProcessID to the Invocation
+func (p *Invocation) WithProcessID(processId int) *Invocation {
+	p.ProcessID = &processId
+	return p
+}
+
+// WithProcessStartFailureMessage - add a ProcessStartFailureMessage to the Invocation
+func (p *Invocation) WithProcessStartFailureMessage(processStartFailureMessage string) *Invocation {
+	p.ProcessStartFailureMessage = &processStartFailureMessage
+	return p
+}
+
+// WithProperties - add a Properties to the Invocation
+func (p *Invocation) WithProperties(properties *PropertyBag) *Invocation {
+	p.Properties = properties
+	return p
+}
+
+// WithResponseFiles - add a ResponseFiles to the Invocation
+func (r *Invocation) WithResponseFiles(responseFiles []*ArtifactLocation) *Invocation {
+	r.ResponseFiles = responseFiles
+	return r
+}
+
+// AddResponseFile - add a single ResponseFile to the Invocation
+func (r *Invocation) AddResponseFile(responseFile *ArtifactLocation) *Invocation {
+	r.ResponseFiles = append(r.ResponseFiles, responseFile)
+	return r
+}
+
+// WithRuleConfigurationOverrides - add a RuleConfigurationOverrides to the Invocation
+func (r *Invocation) WithRuleConfigurationOverrides(ruleConfigurationOverrides []*ConfigurationOverride) *Invocation {
+	r.RuleConfigurationOverrides = ruleConfigurationOverrides
+	return r
+}
+
+// AddRuleConfigurationOverride - add a single RuleConfigurationOverride to the Invocation
+func (r *Invocation) AddRuleConfigurationOverride(ruleConfigurationOverride *ConfigurationOverride) *Invocation {
+	r.RuleConfigurationOverrides = append(r.RuleConfigurationOverrides, ruleConfigurationOverride)
+	return r
+}
+
+// WithStartTimeUtc - add a StartTimeUtc to the Invocation
+func (s *Invocation) WithStartTimeUtc(startTimeUtc string) *Invocation {
+	s.StartTimeUtc = &startTimeUtc
+	return s
+}
+
+// WithStderr - add a Stderr to the Invocation
+func (s *Invocation) WithStderr(stderr *ArtifactLocation) *Invocation {
+	s.Stderr = stderr
+	return s
+}
+
+// WithStdin - add a Stdin to the Invocation
+func (s *Invocation) WithStdin(stdin *ArtifactLocation) *Invocation {
+	s.Stdin = stdin
+	return s
+}
+
+// WithStdout - add a Stdout to the Invocation
+func (s *Invocation) WithStdout(stdout *ArtifactLocation) *Invocation {
+	s.Stdout = stdout
+	return s
+}
+
+// WithStdoutStderr - add a StdoutStderr to the Invocation
+func (s *Invocation) WithStdoutStderr(stdoutStderr *ArtifactLocation) *Invocation {
+	s.StdoutStderr = stdoutStderr
+	return s
+}
+
+// WithToolConfigurationNotifications - add a ToolConfigurationNotifications to the Invocation
+func (t *Invocation) WithToolConfigurationNotifications(toolConfigurationNotifications []*Notification) *Invocation {
+	t.ToolConfigurationNotifications = toolConfigurationNotifications
+	return t
+}
+
+// AddToolConfigurationNotification - add a single ToolConfigurationNotification to the Invocation
+func (t *Invocation) AddToolConfigurationNotification(toolConfigurationNotification *Notification) *Invocation {
+	t.ToolConfigurationNotifications = append(t.ToolConfigurationNotifications, toolConfigurationNotification)
+	return t
+}
+
+// WithToolExecutionNotifications - add a ToolExecutionNotifications to the Invocation
+func (t *Invocation) WithToolExecutionNotifications(toolExecutionNotifications []*Notification) *Invocation {
+	t.ToolExecutionNotifications = toolExecutionNotifications
+	return t
+}
+
+// AddToolExecutionNotification - add a single ToolExecutionNotification to the Invocation
+func (t *Invocation) AddToolExecutionNotification(toolExecutionNotification *Notification) *Invocation {
+	t.ToolExecutionNotifications = append(t.ToolExecutionNotifications, toolExecutionNotification)
+	return t
+}
+
+// WithWorkingDirectory - add a WorkingDirectory to the Invocation
+func (w *Invocation) WithWorkingDirectory(workingDirectory *ArtifactLocation) *Invocation {
+	w.WorkingDirectory = workingDirectory
+	return w
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/location.go

@@ -0,0 +1,95 @@
+package sarif
+
+// Location - A location within a programming artifact.
+type Location struct {
+	// A set of regions relevant to the location.
+	Annotations []*Region `json:"annotations"`
+
+	// Value that distinguishes this location from all other locations within a single result object.
+	ID int `json:"id"`
+
+	// The logical locations associated with the result.
+	LogicalLocations []*LogicalLocation `json:"logicalLocations"`
+
+	// A message relevant to the location.
+	Message *Message `json:"message,omitempty"`
+
+	// Identifies the artifact and region.
+	PhysicalLocation *PhysicalLocation `json:"physicalLocation,omitempty"`
+
+	// Key/value pairs that provide additional information about the location.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of objects that describe relationships between this location and others.
+	Relationships []*LocationRelationship `json:"relationships"`
+}
+
+// NewLocation - creates a new
+func NewLocation() *Location {
+	return &Location{
+		Annotations:      make([]*Region, 0),
+		ID:               -1,
+		LogicalLocations: make([]*LogicalLocation, 0),
+		Relationships:    make([]*LocationRelationship, 0),
+	}
+}
+
+// WithAnnotations - add a Annotations to the Location
+func (a *Location) WithAnnotations(annotations []*Region) *Location {
+	a.Annotations = annotations
+	return a
+}
+
+// AddAnnotation - add a single Annotation to the Location
+func (a *Location) AddAnnotation(annotation *Region) *Location {
+	a.Annotations = append(a.Annotations, annotation)
+	return a
+}
+
+// WithID - add a ID to the Location
+func (i *Location) WithID(id int) *Location {
+	i.ID = id
+	return i
+}
+
+// WithLogicalLocations - add a LogicalLocations to the Location
+func (l *Location) WithLogicalLocations(logicalLocations []*LogicalLocation) *Location {
+	l.LogicalLocations = logicalLocations
+	return l
+}
+
+// AddLogicalLocation - add a single LogicalLocation to the Location
+func (l *Location) AddLogicalLocation(logicalLocation *LogicalLocation) *Location {
+	l.LogicalLocations = append(l.LogicalLocations, logicalLocation)
+	return l
+}
+
+// WithMessage - add a Message to the Location
+func (m *Location) WithMessage(message *Message) *Location {
+	m.Message = message
+	return m
+}
+
+// WithPhysicalLocation - add a PhysicalLocation to the Location
+func (p *Location) WithPhysicalLocation(physicalLocation *PhysicalLocation) *Location {
+	p.PhysicalLocation = physicalLocation
+	return p
+}
+
+// WithProperties - add a Properties to the Location
+func (p *Location) WithProperties(properties *PropertyBag) *Location {
+	p.Properties = properties
+	return p
+}
+
+// WithRelationships - add a Relationships to the Location
+func (r *Location) WithRelationships(relationships []*LocationRelationship) *Location {
+	r.Relationships = relationships
+	return r
+}
+
+// AddRelationship - add a single Relationship to the Location
+func (r *Location) AddRelationship(relationship *LocationRelationship) *Location {
+	r.Relationships = append(r.Relationships, relationship)
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/location_companion.go

@@ -0,0 +1,6 @@
+package sarif
+
+// NewLocationWithPhysicalLocation creates a Location with a PhysicalLocation
+func NewLocationWithPhysicalLocation(physicalLocation *PhysicalLocation) *Location {
+	return NewLocation().WithPhysicalLocation(physicalLocation)
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/location_relationship.go

@@ -0,0 +1,53 @@
+package sarif
+
+// LocationRelationship - Information about the relation of one location to another.
+type LocationRelationship struct {
+	// A description of the location relationship.
+	Description *Message `json:"description,omitempty"`
+
+	// A set of distinct strings that categorize the relationship. Well-known kinds include 'includes', 'isIncludedBy' and 'relevant'.
+	Kinds []string `json:"kinds"`
+
+	// Key/value pairs that provide additional information about the location relationship.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A reference to the related location.
+	Target *int `json:"target,omitempty"`
+}
+
+// NewLocationRelationship - creates a new
+func NewLocationRelationship() *LocationRelationship {
+	return &LocationRelationship{
+		Kinds: []string{"relevant"},
+	}
+}
+
+// WithDescription - add a Description to the LocationRelationship
+func (d *LocationRelationship) WithDescription(description *Message) *LocationRelationship {
+	d.Description = description
+	return d
+}
+
+// WithKinds - add a Kinds to the LocationRelationship
+func (k *LocationRelationship) WithKinds(kinds []string) *LocationRelationship {
+	k.Kinds = kinds
+	return k
+}
+
+// AddKind - add a single Kind to the LocationRelationship
+func (k *LocationRelationship) AddKind(kind string) *LocationRelationship {
+	k.Kinds = append(k.Kinds, kind)
+	return k
+}
+
+// WithProperties - add a Properties to the LocationRelationship
+func (p *LocationRelationship) WithProperties(properties *PropertyBag) *LocationRelationship {
+	p.Properties = properties
+	return p
+}
+
+// WithTarget - add a Target to the LocationRelationship
+func (t *LocationRelationship) WithTarget(target int) *LocationRelationship {
+	t.Target = &target
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/logical_location.go

@@ -0,0 +1,75 @@
+package sarif
+
+// LogicalLocation - A logical location of a construct that produced a result.
+type LogicalLocation struct {
+	// The machine-readable name for the logical location, such as a mangled function name provided by a C++ compiler that encodes calling convention, return type and other details along with the function name.
+	DecoratedName *string `json:"decoratedName,omitempty"`
+
+	// The human-readable fully qualified name of the logical location.
+	FullyQualifiedName *string `json:"fullyQualifiedName,omitempty"`
+
+	// The index within the logical locations array.
+	Index int `json:"index"`
+
+	// The type of construct this logical location component refers to. Should be one of 'function', 'member', 'module', 'namespace', 'parameter', 'resource', 'returnType', 'type', 'variable', 'object', 'array', 'property', 'value', 'element', 'text', 'attribute', 'comment', 'declaration', 'dtd' or 'processingInstruction', if any of those accurately describe the construct.
+	Kind *string `json:"kind,omitempty"`
+
+	// Identifies the construct in which the result occurred. For example, this property might contain the name of a class or a method.
+	Name *string `json:"name,omitempty"`
+
+	// Identifies the index of the immediate parent of the construct in which the result was detected. For example, this property might point to a logical location that represents the namespace that holds a type.
+	ParentIndex int `json:"parentIndex"`
+
+	// Key/value pairs that provide additional information about the logical location.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewLogicalLocation - creates a new
+func NewLogicalLocation() *LogicalLocation {
+	return &LogicalLocation{
+		Index:       -1,
+		ParentIndex: -1,
+	}
+}
+
+// WithDecoratedName - add a DecoratedName to the LogicalLocation
+func (d *LogicalLocation) WithDecoratedName(decoratedName string) *LogicalLocation {
+	d.DecoratedName = &decoratedName
+	return d
+}
+
+// WithFullyQualifiedName - add a FullyQualifiedName to the LogicalLocation
+func (f *LogicalLocation) WithFullyQualifiedName(fullyQualifiedName string) *LogicalLocation {
+	f.FullyQualifiedName = &fullyQualifiedName
+	return f
+}
+
+// WithIndex - add a Index to the LogicalLocation
+func (i *LogicalLocation) WithIndex(index int) *LogicalLocation {
+	i.Index = index
+	return i
+}
+
+// WithKind - add a Kind to the LogicalLocation
+func (k *LogicalLocation) WithKind(kind string) *LogicalLocation {
+	k.Kind = &kind
+	return k
+}
+
+// WithName - add a Name to the LogicalLocation
+func (n *LogicalLocation) WithName(name string) *LogicalLocation {
+	n.Name = &name
+	return n
+}
+
+// WithParentIndex - add a ParentIndex to the LogicalLocation
+func (p *LogicalLocation) WithParentIndex(parentIndex int) *LogicalLocation {
+	p.ParentIndex = parentIndex
+	return p
+}
+
+// WithProperties - add a Properties to the LogicalLocation
+func (p *LogicalLocation) WithProperties(properties *PropertyBag) *LogicalLocation {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/message.go

@@ -0,0 +1,62 @@
+package sarif
+
+// Message - Encapsulates a message intended to be read by the end user.
+type Message struct {
+	// An array of strings to substitute into the message string.
+	Arguments []string `json:"arguments"`
+
+	// The identifier for this message.
+	ID *string `json:"id,omitempty"`
+
+	// A Markdown message string.
+	Markdown *string `json:"markdown,omitempty"`
+
+	// Key/value pairs that provide additional information about the message.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A plain text message string.
+	Text *string `json:"text,omitempty"`
+}
+
+// NewMessage - creates a new
+func NewMessage() *Message {
+	return &Message{
+		Arguments: make([]string, 0),
+	}
+}
+
+// WithArguments - add a Arguments to the Message
+func (a *Message) WithArguments(arguments []string) *Message {
+	a.Arguments = arguments
+	return a
+}
+
+// AddArgument - add a single Argument to the Message
+func (a *Message) AddArgument(argument string) *Message {
+	a.Arguments = append(a.Arguments, argument)
+	return a
+}
+
+// WithID - add a ID to the Message
+func (i *Message) WithID(id string) *Message {
+	i.ID = &id
+	return i
+}
+
+// WithMarkdown - add a Markdown to the Message
+func (m *Message) WithMarkdown(markdown string) *Message {
+	m.Markdown = &markdown
+	return m
+}
+
+// WithProperties - add a Properties to the Message
+func (p *Message) WithProperties(properties *PropertyBag) *Message {
+	p.Properties = properties
+	return p
+}
+
+// WithText - add a Text to the Message
+func (t *Message) WithText(text string) *Message {
+	t.Text = &text
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/message_companion.go

@@ -0,0 +1,6 @@
+package sarif
+
+// NewTextMessage creates a simple text message
+func NewTextMessage(text string) *Message {
+	return NewMessage().WithText(text)
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/multiformat_message_string.go

@@ -0,0 +1,36 @@
+package sarif
+
+// MultiformatMessageString - A message string or message format string rendered in multiple formats.
+type MultiformatMessageString struct {
+	// A Markdown message string or format string.
+	Markdown *string `json:"markdown,omitempty"`
+
+	// Key/value pairs that provide additional information about the message.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A plain text message string or format string.
+	Text *string `json:"text,omitempty"`
+}
+
+// NewMultiformatMessageString - creates a new
+func NewMultiformatMessageString() *MultiformatMessageString {
+	return &MultiformatMessageString{}
+}
+
+// WithMarkdown - add a Markdown to the MultiformatMessageString
+func (m *MultiformatMessageString) WithMarkdown(markdown string) *MultiformatMessageString {
+	m.Markdown = &markdown
+	return m
+}
+
+// WithProperties - add a Properties to the MultiformatMessageString
+func (p *MultiformatMessageString) WithProperties(properties *PropertyBag) *MultiformatMessageString {
+	p.Properties = properties
+	return p
+}
+
+// WithText - add a Text to the MultiformatMessageString
+func (t *MultiformatMessageString) WithText(text string) *MultiformatMessageString {
+	t.Text = &text
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/node.go

@@ -0,0 +1,62 @@
+package sarif
+
+// Node - Represents a node in a graph.
+type Node struct {
+	// Array of child nodes.
+	Children []*Node `json:"children"`
+
+	// A string that uniquely identifies the node within its graph.
+	ID *string `json:"id,omitempty"`
+
+	// A short description of the node.
+	Label *Message `json:"label,omitempty"`
+
+	// A code location associated with the node.
+	Location *Location `json:"location,omitempty"`
+
+	// Key/value pairs that provide additional information about the node.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewNode - creates a new
+func NewNode() *Node {
+	return &Node{
+		Children: make([]*Node, 0),
+	}
+}
+
+// WithChildren - add a Children to the Node
+func (c *Node) WithChildren(children []*Node) *Node {
+	c.Children = children
+	return c
+}
+
+// AddChildren - add a single Children to the Node
+func (c *Node) AddChildren(children *Node) *Node {
+	c.Children = append(c.Children, children)
+	return c
+}
+
+// WithID - add a ID to the Node
+func (i *Node) WithID(id string) *Node {
+	i.ID = &id
+	return i
+}
+
+// WithLabel - add a Label to the Node
+func (l *Node) WithLabel(label *Message) *Node {
+	l.Label = label
+	return l
+}
+
+// WithLocation - add a Location to the Node
+func (l *Node) WithLocation(location *Location) *Node {
+	l.Location = location
+	return l
+}
+
+// WithProperties - add a Properties to the Node
+func (p *Node) WithProperties(properties *PropertyBag) *Node {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/notification.go

@@ -0,0 +1,99 @@
+package sarif
+
+// Notification - Describes a condition relevant to the tool itself, as opposed to being relevant to a target being analyzed by the tool.
+type Notification struct {
+	// A reference used to locate the rule descriptor associated with this notification.
+	AssociatedRule *ReportingDescriptorReference `json:"associatedRule,omitempty"`
+
+	// A reference used to locate the descriptor relevant to this notification.
+	Descriptor *ReportingDescriptorReference `json:"descriptor,omitempty"`
+
+	// The runtime exception, if any, relevant to this notification.
+	Exception *Exception `json:"exception,omitempty"`
+
+	// A value specifying the severity level of the notification.
+	Level string `json:"level"`
+
+	// The locations relevant to this notification.
+	Locations []*Location `json:"locations"`
+
+	// A message that describes the condition that was encountered.
+	Message *Message `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the notification.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The thread identifier of the code that generated the notification.
+	ThreadID *int `json:"threadId,omitempty"`
+
+	// The Coordinated Universal Time (UTC) date and time at which the analysis tool generated the notification.
+	TimeUtc *string `json:"timeUtc,omitempty"`
+}
+
+// NewNotification - creates a new
+func NewNotification() *Notification {
+	return &Notification{
+		Level:     "warning",
+		Locations: make([]*Location, 0),
+	}
+}
+
+// WithAssociatedRule - add a AssociatedRule to the Notification
+func (a *Notification) WithAssociatedRule(associatedRule *ReportingDescriptorReference) *Notification {
+	a.AssociatedRule = associatedRule
+	return a
+}
+
+// WithDescriptor - add a Descriptor to the Notification
+func (d *Notification) WithDescriptor(descriptor *ReportingDescriptorReference) *Notification {
+	d.Descriptor = descriptor
+	return d
+}
+
+// WithException - add a Exception to the Notification
+func (e *Notification) WithException(exception *Exception) *Notification {
+	e.Exception = exception
+	return e
+}
+
+// WithLevel - add a Level to the Notification
+func (l *Notification) WithLevel(level string) *Notification {
+	l.Level = level
+	return l
+}
+
+// WithLocations - add a Locations to the Notification
+func (l *Notification) WithLocations(locations []*Location) *Notification {
+	l.Locations = locations
+	return l
+}
+
+// AddLocation - add a single Location to the Notification
+func (l *Notification) AddLocation(location *Location) *Notification {
+	l.Locations = append(l.Locations, location)
+	return l
+}
+
+// WithMessage - add a Message to the Notification
+func (m *Notification) WithMessage(message *Message) *Notification {
+	m.Message = message
+	return m
+}
+
+// WithProperties - add a Properties to the Notification
+func (p *Notification) WithProperties(properties *PropertyBag) *Notification {
+	p.Properties = properties
+	return p
+}
+
+// WithThreadID - add a ThreadID to the Notification
+func (t *Notification) WithThreadID(threadId int) *Notification {
+	t.ThreadID = &threadId
+	return t
+}
+
+// WithTimeUtc - add a TimeUtc to the Notification
+func (t *Notification) WithTimeUtc(timeUtc string) *Notification {
+	t.TimeUtc = &timeUtc
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/physical_location.go

@@ -0,0 +1,54 @@
+package sarif
+
+// PhysicalLocation - A physical location relevant to a result. Specifies a reference to a programming artifact together with a range of bytes or characters within that artifact.
+type PhysicalLocation struct {
+	// The address of the location.
+	Address *Address `json:"address,omitempty"`
+
+	// The location of the artifact.
+	ArtifactLocation *ArtifactLocation `json:"artifactLocation,omitempty"`
+
+	// Specifies a portion of the artifact that encloses the region. Allows a viewer to display additional context around the region.
+	ContextRegion *Region `json:"contextRegion,omitempty"`
+
+	// Key/value pairs that provide additional information about the physical location.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// Specifies a portion of the artifact.
+	Region *Region `json:"region,omitempty"`
+}
+
+// NewPhysicalLocation - creates a new
+func NewPhysicalLocation() *PhysicalLocation {
+	return &PhysicalLocation{}
+}
+
+// WithAddress - add a Address to the PhysicalLocation
+func (a *PhysicalLocation) WithAddress(address *Address) *PhysicalLocation {
+	a.Address = address
+	return a
+}
+
+// WithArtifactLocation - add a ArtifactLocation to the PhysicalLocation
+func (a *PhysicalLocation) WithArtifactLocation(artifactLocation *ArtifactLocation) *PhysicalLocation {
+	a.ArtifactLocation = artifactLocation
+	return a
+}
+
+// WithContextRegion - add a ContextRegion to the PhysicalLocation
+func (c *PhysicalLocation) WithContextRegion(contextRegion *Region) *PhysicalLocation {
+	c.ContextRegion = contextRegion
+	return c
+}
+
+// WithProperties - add a Properties to the PhysicalLocation
+func (p *PhysicalLocation) WithProperties(properties *PropertyBag) *PhysicalLocation {
+	p.Properties = properties
+	return p
+}
+
+// WithRegion - add a Region to the PhysicalLocation
+func (r *PhysicalLocation) WithRegion(region *Region) *PhysicalLocation {
+	r.Region = region
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/properties.go

@@ -0,0 +1,3 @@
+package sarif
+
+type Properties map[string]interface{}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/property_bag.go

@@ -0,0 +1,36 @@
+package sarif
+
+// PropertyBag - Key/value pairs that provide additional information about the object.
+type PropertyBag struct {
+	// AdditionalProperties - additional properties
+	Properties Properties `json:"properties,omitempty"`
+
+	// A set of distinct strings that provide additional information.
+	Tags []string `json:"tags"`
+}
+
+// NewPropertyBag - creates a new
+func NewPropertyBag() *PropertyBag {
+	return &PropertyBag{
+		Properties: make(Properties),
+		Tags:       make([]string, 0),
+	}
+}
+
+// AddProperty - add a property to the properties
+func (p *PropertyBag) Add(key string, value interface{}) *PropertyBag {
+	p.Properties[key] = value
+	return p
+}
+
+// WithTags - add a Tags to the PropertyBag
+func (t *PropertyBag) WithTags(tags []string) *PropertyBag {
+	t.Tags = tags
+	return t
+}
+
+// AddTag - add a single Tag to the PropertyBag
+func (t *PropertyBag) AddTag(tag string) *PropertyBag {
+	t.Tags = append(t.Tags, tag)
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/property_bag_companion.go

@@ -0,0 +1,36 @@
+package sarif
+
+import "encoding/json"
+
+// MarshalJSON - custom JSON marshaller for PropertyBag
+func (p PropertyBag) MarshalJSON() ([]byte, error) {
+	// type Alias PropertyBag
+	aux := make(map[string]interface{})
+	for k, v := range p.Properties {
+		aux[k] = v
+	}
+	if len(p.Tags) > 0 {
+		aux["tags"] = p.Tags
+	}
+	return json.Marshal(aux)
+}
+
+// UnmarshalJSON - custom JSON unmarshaller for PropertyBag
+func (p *PropertyBag) UnmarshalJSON(data []byte) error {
+	// type Alias PropertyBag
+	aux := struct {
+		Tags []string `json:"tags,omitempty"`
+	}{}
+	if err := json.Unmarshal(data, &aux); err != nil {
+		return err
+	}
+	p.Tags = aux.Tags
+
+	var raw map[string]interface{}
+	if err := json.Unmarshal(data, &raw); err != nil {
+		return err
+	}
+	delete(raw, "tags")
+	p.Properties = raw
+	return nil
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/rectangle.go

@@ -0,0 +1,63 @@
+package sarif
+
+// Rectangle - An area within an image.
+type Rectangle struct {
+	// The Y coordinate of the bottom edge of the rectangle, measured in the image's natural units.
+	Bottom *float64 `json:"bottom,omitempty"`
+
+	// The X coordinate of the left edge of the rectangle, measured in the image's natural units.
+	Left *float64 `json:"left,omitempty"`
+
+	// A message relevant to the rectangle.
+	Message *Message `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the rectangle.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The X coordinate of the right edge of the rectangle, measured in the image's natural units.
+	Right *float64 `json:"right,omitempty"`
+
+	// The Y coordinate of the top edge of the rectangle, measured in the image's natural units.
+	Top *float64 `json:"top,omitempty"`
+}
+
+// NewRectangle - creates a new
+func NewRectangle() *Rectangle {
+	return &Rectangle{}
+}
+
+// WithBottom - add a Bottom to the Rectangle
+func (b *Rectangle) WithBottom(bottom float64) *Rectangle {
+	b.Bottom = &bottom
+	return b
+}
+
+// WithLeft - add a Left to the Rectangle
+func (l *Rectangle) WithLeft(left float64) *Rectangle {
+	l.Left = &left
+	return l
+}
+
+// WithMessage - add a Message to the Rectangle
+func (m *Rectangle) WithMessage(message *Message) *Rectangle {
+	m.Message = message
+	return m
+}
+
+// WithProperties - add a Properties to the Rectangle
+func (p *Rectangle) WithProperties(properties *PropertyBag) *Rectangle {
+	p.Properties = properties
+	return p
+}
+
+// WithRight - add a Right to the Rectangle
+func (r *Rectangle) WithRight(right float64) *Rectangle {
+	r.Right = &right
+	return r
+}
+
+// WithTop - add a Top to the Rectangle
+func (t *Rectangle) WithTop(top float64) *Rectangle {
+	t.Top = &top
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/region.go

@@ -0,0 +1,120 @@
+package sarif
+
+// Region - A region within an artifact where a result was detected.
+type Region struct {
+	// The length of the region in bytes.
+	ByteLength *int `json:"byteLength,omitempty"`
+
+	// The zero-based offset from the beginning of the artifact of the first byte in the region.
+	ByteOffset int `json:"byteOffset"`
+
+	// The length of the region in characters.
+	CharLength *int `json:"charLength,omitempty"`
+
+	// The zero-based offset from the beginning of the artifact of the first character in the region.
+	CharOffset int `json:"charOffset"`
+
+	// The column number of the character following the end of the region.
+	EndColumn *int `json:"endColumn,omitempty"`
+
+	// The line number of the last character in the region.
+	EndLine *int `json:"endLine,omitempty"`
+
+	// A message relevant to the region.
+	Message *Message `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the region.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The portion of the artifact contents within the specified region.
+	Snippet *ArtifactContent `json:"snippet,omitempty"`
+
+	// Specifies the source language, if any, of the portion of the artifact specified by the region object.
+	SourceLanguage *string `json:"sourceLanguage,omitempty"`
+
+	// The column number of the first character in the region.
+	StartColumn *int `json:"startColumn,omitempty"`
+
+	// The line number of the first character in the region.
+	StartLine *int `json:"startLine,omitempty"`
+}
+
+// NewRegion - creates a new
+func NewRegion() *Region {
+	return &Region{
+		ByteOffset: -1,
+		CharOffset: -1,
+	}
+}
+
+// WithByteLength - add a ByteLength to the Region
+func (b *Region) WithByteLength(byteLength int) *Region {
+	b.ByteLength = &byteLength
+	return b
+}
+
+// WithByteOffset - add a ByteOffset to the Region
+func (b *Region) WithByteOffset(byteOffset int) *Region {
+	b.ByteOffset = byteOffset
+	return b
+}
+
+// WithCharLength - add a CharLength to the Region
+func (c *Region) WithCharLength(charLength int) *Region {
+	c.CharLength = &charLength
+	return c
+}
+
+// WithCharOffset - add a CharOffset to the Region
+func (c *Region) WithCharOffset(charOffset int) *Region {
+	c.CharOffset = charOffset
+	return c
+}
+
+// WithEndColumn - add a EndColumn to the Region
+func (e *Region) WithEndColumn(endColumn int) *Region {
+	e.EndColumn = &endColumn
+	return e
+}
+
+// WithEndLine - add a EndLine to the Region
+func (e *Region) WithEndLine(endLine int) *Region {
+	e.EndLine = &endLine
+	return e
+}
+
+// WithMessage - add a Message to the Region
+func (m *Region) WithMessage(message *Message) *Region {
+	m.Message = message
+	return m
+}
+
+// WithProperties - add a Properties to the Region
+func (p *Region) WithProperties(properties *PropertyBag) *Region {
+	p.Properties = properties
+	return p
+}
+
+// WithSnippet - add a Snippet to the Region
+func (s *Region) WithSnippet(snippet *ArtifactContent) *Region {
+	s.Snippet = snippet
+	return s
+}
+
+// WithSourceLanguage - add a SourceLanguage to the Region
+func (s *Region) WithSourceLanguage(sourceLanguage string) *Region {
+	s.SourceLanguage = &sourceLanguage
+	return s
+}
+
+// WithStartColumn - add a StartColumn to the Region
+func (s *Region) WithStartColumn(startColumn int) *Region {
+	s.StartColumn = &startColumn
+	return s
+}
+
+// WithStartLine - add a StartLine to the Region
+func (s *Region) WithStartLine(startLine int) *Region {
+	s.StartLine = &startLine
+	return s
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/region_companion.go

@@ -0,0 +1,8 @@
+package sarif
+
+// NewSimpleRegion creates a new Region with the start and end line
+func NewSimpleRegion(startLine, endLine int) *Region {
+	return NewRegion().
+		WithStartLine(startLine).
+		WithEndLine(endLine)
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/replacement.go

@@ -0,0 +1,36 @@
+package sarif
+
+// Replacement - The replacement of a single region of an artifact.
+type Replacement struct {
+	// The region of the artifact to delete.
+	DeletedRegion *Region `json:"deletedRegion,omitempty"`
+
+	// The content to insert at the location specified by the 'deletedRegion' property.
+	InsertedContent *ArtifactContent `json:"insertedContent,omitempty"`
+
+	// Key/value pairs that provide additional information about the replacement.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewReplacement - creates a new
+func NewReplacement() *Replacement {
+	return &Replacement{}
+}
+
+// WithDeletedRegion - add a DeletedRegion to the Replacement
+func (d *Replacement) WithDeletedRegion(deletedRegion *Region) *Replacement {
+	d.DeletedRegion = deletedRegion
+	return d
+}
+
+// WithInsertedContent - add a InsertedContent to the Replacement
+func (i *Replacement) WithInsertedContent(insertedContent *ArtifactContent) *Replacement {
+	i.InsertedContent = insertedContent
+	return i
+}
+
+// WithProperties - add a Properties to the Replacement
+func (p *Replacement) WithProperties(properties *PropertyBag) *Replacement {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/reporting_configuration.go

@@ -0,0 +1,58 @@
+package sarif
+
+// ReportingConfiguration - Information about a rule or notification that can be configured at runtime.
+type ReportingConfiguration struct {
+	// Specifies whether the report may be produced during the scan.
+	Enabled bool `json:"enabled"`
+
+	// Specifies the failure level for the report.
+	Level string `json:"level,omitempty"`
+
+	// Contains configuration information specific to a report.
+	Parameters *PropertyBag `json:"parameters,omitempty"`
+
+	// Key/value pairs that provide additional information about the reporting configuration.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// Specifies the relative priority of the report. Used for analysis output only.
+	Rank float64 `json:"rank"`
+}
+
+// NewReportingConfiguration - creates a new
+func NewReportingConfiguration() *ReportingConfiguration {
+	return &ReportingConfiguration{
+		Enabled: true,
+		Level:   "warning",
+		Rank:    -1.000000,
+	}
+}
+
+// WithEnabled - add a Enabled to the ReportingConfiguration
+func (e *ReportingConfiguration) WithEnabled(enabled bool) *ReportingConfiguration {
+	e.Enabled = enabled
+	return e
+}
+
+// WithLevel - add a Level to the ReportingConfiguration
+func (l *ReportingConfiguration) WithLevel(level string) *ReportingConfiguration {
+	l.Level = level
+	return l
+}
+
+// WithParameters - add a Parameters to the ReportingConfiguration
+func (p *ReportingConfiguration) WithParameters(parameters *PropertyBag) *ReportingConfiguration {
+	p.Parameters = parameters
+	return p
+}
+
+// WithProperties - add a Properties to the ReportingConfiguration
+func (p *ReportingConfiguration) WithProperties(properties *PropertyBag) *ReportingConfiguration {
+	p.Properties = properties
+	return p
+}
+
+// WithRank - add a Rank to the ReportingConfiguration
+func (r *ReportingConfiguration) WithRank(rank float64) *ReportingConfiguration {
+	r.Rank = rank
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/reporting_descriptor.go

@@ -0,0 +1,170 @@
+package sarif
+
+// ReportingDescriptor - Metadata that describes a specific report produced by the tool, as part of the analysis it provides or its runtime reporting.
+type ReportingDescriptor struct {
+	// A set of name/value pairs with arbitrary names. Each value is a multiformatMessageString object, which holds message strings in plain text and (optionally) Markdown format. The strings can include placeholders, which can be used to construct a message in combination with an arbitrary number of additional string arguments.
+	MessageStrings map[string]MultiformatMessageString `json:"messageStrings,omitempty"`
+
+	// Default reporting configuration information.
+	DefaultConfiguration *ReportingConfiguration `json:"defaultConfiguration,omitempty"`
+
+	// An array of unique identifies in the form of a GUID by which this report was known in some previous version of the analysis tool.
+	DeprecatedGuids []string `json:"deprecatedGuids,omitempty"`
+
+	// An array of stable, opaque identifiers by which this report was known in some previous version of the analysis tool.
+	DeprecatedIds []string `json:"deprecatedIds,omitempty"`
+
+	// An array of readable identifiers by which this report was known in some previous version of the analysis tool.
+	DeprecatedNames []string `json:"deprecatedNames,omitempty"`
+
+	// A description of the report. Should, as far as possible, provide details sufficient to enable resolution of any problem indicated by the result.
+	FullDescription *MultiformatMessageString `json:"fullDescription,omitempty"`
+
+	// A unique identifier for the reporting descriptor in the form of a GUID.
+	GuID *string `json:"guid,omitempty"`
+
+	// Provides the primary documentation for the report, useful when there is no online documentation.
+	Help *MultiformatMessageString `json:"help,omitempty"`
+
+	// A URI where the primary documentation for the report can be found.
+	HelpURI *string `json:"helpUri,omitempty"`
+
+	// A stable, opaque identifier for the report.
+	ID *string `json:"id,omitempty"`
+
+	// A report identifier that is understandable to an end user.
+	Name *string `json:"name,omitempty"`
+
+	// Key/value pairs that provide additional information about the report.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of objects that describe relationships between this reporting descriptor and others.
+	Relationships []*ReportingDescriptorRelationship `json:"relationships"`
+
+	// A concise description of the report. Should be a single sentence that is understandable when visible space is limited to a single line of text.
+	ShortDescription *MultiformatMessageString `json:"shortDescription,omitempty"`
+}
+
+// NewReportingDescriptor - creates a new
+func NewReportingDescriptor() *ReportingDescriptor {
+	return &ReportingDescriptor{
+		DeprecatedGuids: make([]string, 0),
+		DeprecatedIds:   make([]string, 0),
+		DeprecatedNames: make([]string, 0),
+		Relationships:   make([]*ReportingDescriptorRelationship, 0),
+	}
+}
+
+// AddMessageString - add a single MessageString to the ReportingDescriptor
+func (m *ReportingDescriptor) AddMessageString(key string, messageString MultiformatMessageString) *ReportingDescriptor {
+	m.MessageStrings[key] = messageString
+	return m
+}
+
+// WithMessageStrings - add a MessageStrings to the ReportingDescriptor
+func (m *ReportingDescriptor) WithMessageStrings(messageStrings map[string]MultiformatMessageString) *ReportingDescriptor {
+	m.MessageStrings = messageStrings
+	return m
+}
+
+// WithDefaultConfiguration - add a DefaultConfiguration to the ReportingDescriptor
+func (d *ReportingDescriptor) WithDefaultConfiguration(defaultConfiguration *ReportingConfiguration) *ReportingDescriptor {
+	d.DefaultConfiguration = defaultConfiguration
+	return d
+}
+
+// WithDeprecatedGuids - add a DeprecatedGuids to the ReportingDescriptor
+func (d *ReportingDescriptor) WithDeprecatedGuids(deprecatedGuids []string) *ReportingDescriptor {
+	d.DeprecatedGuids = deprecatedGuids
+	return d
+}
+
+// AddDeprecatedGuid - add a single DeprecatedGuid to the ReportingDescriptor
+func (d *ReportingDescriptor) AddDeprecatedGuid(deprecatedGuid string) *ReportingDescriptor {
+	d.DeprecatedGuids = append(d.DeprecatedGuids, deprecatedGuid)
+	return d
+}
+
+// WithDeprecatedIds - add a DeprecatedIds to the ReportingDescriptor
+func (d *ReportingDescriptor) WithDeprecatedIds(deprecatedIds []string) *ReportingDescriptor {
+	d.DeprecatedIds = deprecatedIds
+	return d
+}
+
+// AddDeprecatedId - add a single DeprecatedId to the ReportingDescriptor
+func (d *ReportingDescriptor) AddDeprecatedId(deprecatedId string) *ReportingDescriptor {
+	d.DeprecatedIds = append(d.DeprecatedIds, deprecatedId)
+	return d
+}
+
+// WithDeprecatedNames - add a DeprecatedNames to the ReportingDescriptor
+func (d *ReportingDescriptor) WithDeprecatedNames(deprecatedNames []string) *ReportingDescriptor {
+	d.DeprecatedNames = deprecatedNames
+	return d
+}
+
+// AddDeprecatedName - add a single DeprecatedName to the ReportingDescriptor
+func (d *ReportingDescriptor) AddDeprecatedName(deprecatedName string) *ReportingDescriptor {
+	d.DeprecatedNames = append(d.DeprecatedNames, deprecatedName)
+	return d
+}
+
+// WithFullDescription - add a FullDescription to the ReportingDescriptor
+func (f *ReportingDescriptor) WithFullDescription(fullDescription *MultiformatMessageString) *ReportingDescriptor {
+	f.FullDescription = fullDescription
+	return f
+}
+
+// WithGuID - add a GuID to the ReportingDescriptor
+func (g *ReportingDescriptor) WithGuID(guid string) *ReportingDescriptor {
+	g.GuID = &guid
+	return g
+}
+
+// WithHelp - add a Help to the ReportingDescriptor
+func (h *ReportingDescriptor) WithHelp(help *MultiformatMessageString) *ReportingDescriptor {
+	h.Help = help
+	return h
+}
+
+// WithHelpURI - add a HelpURI to the ReportingDescriptor
+func (h *ReportingDescriptor) WithHelpURI(helpUri string) *ReportingDescriptor {
+	h.HelpURI = &helpUri
+	return h
+}
+
+// WithID - add a ID to the ReportingDescriptor
+func (i *ReportingDescriptor) WithID(id string) *ReportingDescriptor {
+	i.ID = &id
+	return i
+}
+
+// WithName - add a Name to the ReportingDescriptor
+func (n *ReportingDescriptor) WithName(name string) *ReportingDescriptor {
+	n.Name = &name
+	return n
+}
+
+// WithProperties - add a Properties to the ReportingDescriptor
+func (p *ReportingDescriptor) WithProperties(properties *PropertyBag) *ReportingDescriptor {
+	p.Properties = properties
+	return p
+}
+
+// WithRelationships - add a Relationships to the ReportingDescriptor
+func (r *ReportingDescriptor) WithRelationships(relationships []*ReportingDescriptorRelationship) *ReportingDescriptor {
+	r.Relationships = relationships
+	return r
+}
+
+// AddRelationship - add a single Relationship to the ReportingDescriptor
+func (r *ReportingDescriptor) AddRelationship(relationship *ReportingDescriptorRelationship) *ReportingDescriptor {
+	r.Relationships = append(r.Relationships, relationship)
+	return r
+}
+
+// WithShortDescription - add a ShortDescription to the ReportingDescriptor
+func (s *ReportingDescriptor) WithShortDescription(shortDescription *MultiformatMessageString) *ReportingDescriptor {
+	s.ShortDescription = shortDescription
+	return s
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/reporting_descriptor_companion.go

@@ -0,0 +1,24 @@
+package sarif
+
+// NewRule creates a new Rule and returns a pointer to it
+func NewRule(ruleID string) *ReportingDescriptor {
+	return NewReportingDescriptor().WithID(ruleID)
+}
+
+// WithDescription specifies short description for a rule and returns the updated rule.
+// Short description should be a single sentence that is understandable when visible space is limited to a single line
+// of text.
+func (rule *ReportingDescriptor) WithDescription(description string) *ReportingDescriptor {
+	rule.ShortDescription = NewMultiformatMessageString().WithText(description)
+	return rule
+}
+
+// WithMarkdownHelp specifies a help text  for a rule and returns the updated rule
+func (rule *ReportingDescriptor) WithMarkdownHelp(markdown string) *ReportingDescriptor {
+	if rule.Help == nil {
+		rule.Help = NewMultiformatMessageString()
+	}
+	rule.Help.Text = &markdown
+	rule.Help.Markdown = &markdown
+	return rule
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/reporting_descriptor_reference.go

@@ -0,0 +1,56 @@
+package sarif
+
+// ReportingDescriptorReference - Information about how to locate a relevant reporting descriptor.
+type ReportingDescriptorReference struct {
+	// A guid that uniquely identifies the descriptor.
+	GuID *string `json:"guid,omitempty"`
+
+	// The id of the descriptor.
+	ID *string `json:"id,omitempty"`
+
+	// The index into an array of descriptors in toolComponent.ruleDescriptors, toolComponent.notificationDescriptors, or toolComponent.taxonomyDescriptors, depending on context.
+	Index int `json:"index"`
+
+	// Key/value pairs that provide additional information about the reporting descriptor reference.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A reference used to locate the toolComponent associated with the descriptor.
+	ToolComponent *ToolComponentReference `json:"toolComponent,omitempty"`
+}
+
+// NewReportingDescriptorReference - creates a new
+func NewReportingDescriptorReference() *ReportingDescriptorReference {
+	return &ReportingDescriptorReference{
+		Index: -1,
+	}
+}
+
+// WithGuID - add a GuID to the ReportingDescriptorReference
+func (g *ReportingDescriptorReference) WithGuID(guid string) *ReportingDescriptorReference {
+	g.GuID = &guid
+	return g
+}
+
+// WithID - add a ID to the ReportingDescriptorReference
+func (i *ReportingDescriptorReference) WithID(id string) *ReportingDescriptorReference {
+	i.ID = &id
+	return i
+}
+
+// WithIndex - add a Index to the ReportingDescriptorReference
+func (i *ReportingDescriptorReference) WithIndex(index int) *ReportingDescriptorReference {
+	i.Index = index
+	return i
+}
+
+// WithProperties - add a Properties to the ReportingDescriptorReference
+func (p *ReportingDescriptorReference) WithProperties(properties *PropertyBag) *ReportingDescriptorReference {
+	p.Properties = properties
+	return p
+}
+
+// WithToolComponent - add a ToolComponent to the ReportingDescriptorReference
+func (t *ReportingDescriptorReference) WithToolComponent(toolComponent *ToolComponentReference) *ReportingDescriptorReference {
+	t.ToolComponent = toolComponent
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/reporting_descriptor_relationship.go

@@ -0,0 +1,53 @@
+package sarif
+
+// ReportingDescriptorRelationship - Information about the relation of one reporting descriptor to another.
+type ReportingDescriptorRelationship struct {
+	// A description of the reporting descriptor relationship.
+	Description *Message `json:"description,omitempty"`
+
+	// A set of distinct strings that categorize the relationship. Well-known kinds include 'canPrecede', 'canFollow', 'willPrecede', 'willFollow', 'superset', 'subset', 'equal', 'disjoint', 'relevant', and 'incomparable'.
+	Kinds []string `json:"kinds"`
+
+	// Key/value pairs that provide additional information about the reporting descriptor reference.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A reference to the related reporting descriptor.
+	Target *ReportingDescriptorReference `json:"target,omitempty"`
+}
+
+// NewReportingDescriptorRelationship - creates a new
+func NewReportingDescriptorRelationship() *ReportingDescriptorRelationship {
+	return &ReportingDescriptorRelationship{
+		Kinds: []string{"relevant"},
+	}
+}
+
+// WithDescription - add a Description to the ReportingDescriptorRelationship
+func (d *ReportingDescriptorRelationship) WithDescription(description *Message) *ReportingDescriptorRelationship {
+	d.Description = description
+	return d
+}
+
+// WithKinds - add a Kinds to the ReportingDescriptorRelationship
+func (k *ReportingDescriptorRelationship) WithKinds(kinds []string) *ReportingDescriptorRelationship {
+	k.Kinds = kinds
+	return k
+}
+
+// AddKind - add a single Kind to the ReportingDescriptorRelationship
+func (k *ReportingDescriptorRelationship) AddKind(kind string) *ReportingDescriptorRelationship {
+	k.Kinds = append(k.Kinds, kind)
+	return k
+}
+
+// WithProperties - add a Properties to the ReportingDescriptorRelationship
+func (p *ReportingDescriptorRelationship) WithProperties(properties *PropertyBag) *ReportingDescriptorRelationship {
+	p.Properties = properties
+	return p
+}
+
+// WithTarget - add a Target to the ReportingDescriptorRelationship
+func (t *ReportingDescriptorRelationship) WithTarget(target *ReportingDescriptorReference) *ReportingDescriptorRelationship {
+	t.Target = target
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/result.go

@@ -0,0 +1,373 @@
+package sarif
+
+// Result - A result produced by an analysis tool.
+type Result struct {
+	// A set of strings that contribute to the stable, unique identity of the result.
+	PartialFingerprints map[string]string `json:"partialFingerprints,omitempty"`
+
+	// A set of strings each of which individually defines a stable, unique identity for the result.
+	Fingerprints map[string]string `json:"fingerprints,omitempty"`
+
+	// Identifies the artifact that the analysis tool was instructed to scan. This need not be the same as the artifact where the result actually occurred.
+	AnalysisTarget *ArtifactLocation `json:"analysisTarget,omitempty"`
+
+	// A set of artifacts relevant to the result.
+	Attachments []*Attachment `json:"attachments"`
+
+	// The state of a result relative to a baseline of a previous run.
+	BaselineState *string `json:"baselineState,omitempty"`
+
+	// An array of 'codeFlow' objects relevant to the result.
+	CodeFlows []*CodeFlow `json:"codeFlows"`
+
+	// A stable, unique identifier for the equivalence class of logically identical results to which this result belongs, in the form of a GUID.
+	CorrelationGuID *string `json:"correlationGuid,omitempty"`
+
+	// An array of 'fix' objects, each of which represents a proposed fix to the problem indicated by the result.
+	Fixes []*Fix `json:"fixes"`
+
+	// An array of one or more unique 'graphTraversal' objects.
+	GraphTraversals []*GraphTraversal `json:"graphTraversals"`
+
+	// An array of zero or more unique graph objects associated with the result.
+	Graphs []*Graph `json:"graphs"`
+
+	// A stable, unique identifier for the result in the form of a GUID.
+	GuID *string `json:"guid,omitempty"`
+
+	// An absolute URI at which the result can be viewed.
+	HostedViewerURI *string `json:"hostedViewerUri,omitempty"`
+
+	// A value that categorizes results by evaluation state.
+	Kind string `json:"kind,omitempty"`
+
+	// A value specifying the severity level of the result.
+	Level string `json:"level,omitempty"`
+
+	// The set of locations where the result was detected. Specify only one location unless the problem indicated by the result can only be corrected by making a change at every specified location.
+	Locations []*Location `json:"locations"`
+
+	// A message that describes the result. The first sentence of the message only will be displayed when visible space is limited.
+	Message *Message `json:"message,omitempty"`
+
+	// A positive integer specifying the number of times this logically unique result was observed in this run.
+	OccurrenceCount *int `json:"occurrenceCount,omitempty"`
+
+	// Key/value pairs that provide additional information about the result.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// Information about how and when the result was detected.
+	Provenance *ResultProvenance `json:"provenance,omitempty"`
+
+	// A number representing the priority or importance of the result.
+	Rank float64 `json:"rank"`
+
+	// A set of locations relevant to this result.
+	RelatedLocations []*Location `json:"relatedLocations"`
+
+	// A reference used to locate the rule descriptor relevant to this result.
+	Rule *ReportingDescriptorReference `json:"rule,omitempty"`
+
+	// The stable, unique identifier of the rule, if any, to which this result is relevant.
+	RuleID *string `json:"ruleId,omitempty"`
+
+	// The index within the tool component rules array of the rule object associated with this result.
+	RuleIndex int `json:"ruleIndex"`
+
+	// An array of 'stack' objects relevant to the result.
+	Stacks []*Stack `json:"stacks"`
+
+	// A set of suppressions relevant to this result.
+	Suppressions []*Suppression `json:"suppressions,omitempty"`
+
+	// An array of references to taxonomy reporting descriptors that are applicable to the result.
+	Taxa []*ReportingDescriptorReference `json:"taxa"`
+
+	// A web request associated with this result.
+	WebRequest *WebRequest `json:"webRequest,omitempty"`
+
+	// A web response associated with this result.
+	WebResponse *WebResponse `json:"webResponse,omitempty"`
+
+	// The URIs of the work items associated with this result.
+	WorkItemUris []string `json:"workItemUris,omitempty"`
+}
+
+// NewResult - creates a new
+func NewResult() *Result {
+	return &Result{
+		Attachments:      make([]*Attachment, 0),
+		CodeFlows:        make([]*CodeFlow, 0),
+		Fixes:            make([]*Fix, 0),
+		GraphTraversals:  make([]*GraphTraversal, 0),
+		Graphs:           make([]*Graph, 0),
+		Kind:             "fail",
+		Level:            "warning",
+		Locations:        make([]*Location, 0),
+		Rank:             -1.000000,
+		RelatedLocations: make([]*Location, 0),
+		RuleIndex:        -1,
+		Stacks:           make([]*Stack, 0),
+		Suppressions:     make([]*Suppression, 0),
+		Taxa:             make([]*ReportingDescriptorReference, 0),
+		WorkItemUris:     make([]string, 0),
+	}
+}
+
+// AddPartialFingerprint - add a single PartialFingerprint to the Result
+func (p *Result) AddPartialFingerprint(key, partialFingerprint string) *Result {
+	p.PartialFingerprints[key] = partialFingerprint
+	return p
+}
+
+// WithPartialFingerprints - add a PartialFingerprints to the Result
+func (p *Result) WithPartialFingerprints(partialFingerprints map[string]string) *Result {
+	p.PartialFingerprints = partialFingerprints
+	return p
+}
+
+// AddFingerprint - add a single Fingerprint to the Result
+func (f *Result) AddFingerprint(key, fingerprint string) *Result {
+	f.Fingerprints[key] = fingerprint
+	return f
+}
+
+// WithFingerprints - add a Fingerprints to the Result
+func (f *Result) WithFingerprints(fingerprints map[string]string) *Result {
+	f.Fingerprints = fingerprints
+	return f
+}
+
+// WithAnalysisTarget - add a AnalysisTarget to the Result
+func (a *Result) WithAnalysisTarget(analysisTarget *ArtifactLocation) *Result {
+	a.AnalysisTarget = analysisTarget
+	return a
+}
+
+// WithAttachments - add a Attachments to the Result
+func (a *Result) WithAttachments(attachments []*Attachment) *Result {
+	a.Attachments = attachments
+	return a
+}
+
+// AddAttachment - add a single Attachment to the Result
+func (a *Result) AddAttachment(attachment *Attachment) *Result {
+	a.Attachments = append(a.Attachments, attachment)
+	return a
+}
+
+// WithBaselineState - add a BaselineState to the Result
+func (b *Result) WithBaselineState(baselineState string) *Result {
+	b.BaselineState = &baselineState
+	return b
+}
+
+// WithCodeFlows - add a CodeFlows to the Result
+func (c *Result) WithCodeFlows(codeFlows []*CodeFlow) *Result {
+	c.CodeFlows = codeFlows
+	return c
+}
+
+// AddCodeFlow - add a single CodeFlow to the Result
+func (c *Result) AddCodeFlow(codeFlow *CodeFlow) *Result {
+	c.CodeFlows = append(c.CodeFlows, codeFlow)
+	return c
+}
+
+// WithCorrelationGuID - add a CorrelationGuID to the Result
+func (c *Result) WithCorrelationGuID(correlationGuid string) *Result {
+	c.CorrelationGuID = &correlationGuid
+	return c
+}
+
+// WithFixes - add a Fixes to the Result
+func (f *Result) WithFixes(fixes []*Fix) *Result {
+	f.Fixes = fixes
+	return f
+}
+
+// AddFixe - add a single Fixe to the Result
+func (f *Result) AddFixe(fixe *Fix) *Result {
+	f.Fixes = append(f.Fixes, fixe)
+	return f
+}
+
+// WithGraphTraversals - add a GraphTraversals to the Result
+func (g *Result) WithGraphTraversals(graphTraversals []*GraphTraversal) *Result {
+	g.GraphTraversals = graphTraversals
+	return g
+}
+
+// AddGraphTraversal - add a single GraphTraversal to the Result
+func (g *Result) AddGraphTraversal(graphTraversal *GraphTraversal) *Result {
+	g.GraphTraversals = append(g.GraphTraversals, graphTraversal)
+	return g
+}
+
+// WithGraphs - add a Graphs to the Result
+func (g *Result) WithGraphs(graphs []*Graph) *Result {
+	g.Graphs = graphs
+	return g
+}
+
+// AddGraph - add a single Graph to the Result
+func (g *Result) AddGraph(graph *Graph) *Result {
+	g.Graphs = append(g.Graphs, graph)
+	return g
+}
+
+// WithGuID - add a GuID to the Result
+func (g *Result) WithGuID(guid string) *Result {
+	g.GuID = &guid
+	return g
+}
+
+// WithHostedViewerURI - add a HostedViewerURI to the Result
+func (h *Result) WithHostedViewerURI(hostedViewerUri string) *Result {
+	h.HostedViewerURI = &hostedViewerUri
+	return h
+}
+
+// WithKind - add a Kind to the Result
+func (k *Result) WithKind(kind string) *Result {
+	k.Kind = kind
+	return k
+}
+
+// WithLevel - add a Level to the Result
+func (l *Result) WithLevel(level string) *Result {
+	l.Level = level
+	return l
+}
+
+// WithLocations - add a Locations to the Result
+func (l *Result) WithLocations(locations []*Location) *Result {
+	l.Locations = locations
+	return l
+}
+
+// AddLocation - add a single Location to the Result
+func (l *Result) AddLocation(location *Location) *Result {
+	l.Locations = append(l.Locations, location)
+	return l
+}
+
+// WithMessage - add a Message to the Result
+func (m *Result) WithMessage(message *Message) *Result {
+	m.Message = message
+	return m
+}
+
+// WithOccurrenceCount - add a OccurrenceCount to the Result
+func (o *Result) WithOccurrenceCount(occurrenceCount int) *Result {
+	o.OccurrenceCount = &occurrenceCount
+	return o
+}
+
+// WithProperties - add a Properties to the Result
+func (p *Result) WithProperties(properties *PropertyBag) *Result {
+	p.Properties = properties
+	return p
+}
+
+// WithProvenance - add a Provenance to the Result
+func (p *Result) WithProvenance(provenance *ResultProvenance) *Result {
+	p.Provenance = provenance
+	return p
+}
+
+// WithRank - add a Rank to the Result
+func (r *Result) WithRank(rank float64) *Result {
+	r.Rank = rank
+	return r
+}
+
+// WithRelatedLocations - add a RelatedLocations to the Result
+func (r *Result) WithRelatedLocations(relatedLocations []*Location) *Result {
+	r.RelatedLocations = relatedLocations
+	return r
+}
+
+// AddRelatedLocation - add a single RelatedLocation to the Result
+func (r *Result) AddRelatedLocation(relatedLocation *Location) *Result {
+	r.RelatedLocations = append(r.RelatedLocations, relatedLocation)
+	return r
+}
+
+// WithRule - add a Rule to the Result
+func (r *Result) WithRule(rule *ReportingDescriptorReference) *Result {
+	r.Rule = rule
+	return r
+}
+
+// WithRuleID - add a RuleID to the Result
+func (r *Result) WithRuleID(ruleId string) *Result {
+	r.RuleID = &ruleId
+	return r
+}
+
+// WithRuleIndex - add a RuleIndex to the Result
+func (r *Result) WithRuleIndex(ruleIndex int) *Result {
+	r.RuleIndex = ruleIndex
+	return r
+}
+
+// WithStacks - add a Stacks to the Result
+func (s *Result) WithStacks(stacks []*Stack) *Result {
+	s.Stacks = stacks
+	return s
+}
+
+// AddStack - add a single Stack to the Result
+func (s *Result) AddStack(stack *Stack) *Result {
+	s.Stacks = append(s.Stacks, stack)
+	return s
+}
+
+// WithSuppressions - add a Suppressions to the Result
+func (s *Result) WithSuppressions(suppressions []*Suppression) *Result {
+	s.Suppressions = suppressions
+	return s
+}
+
+// AddSuppression - add a single Suppression to the Result
+func (s *Result) AddSuppression(suppression *Suppression) *Result {
+	s.Suppressions = append(s.Suppressions, suppression)
+	return s
+}
+
+// WithTaxa - add a Taxa to the Result
+func (t *Result) WithTaxa(taxa []*ReportingDescriptorReference) *Result {
+	t.Taxa = taxa
+	return t
+}
+
+// AddTaxa - add a single Taxa to the Result
+func (t *Result) AddTaxa(taxa *ReportingDescriptorReference) *Result {
+	t.Taxa = append(t.Taxa, taxa)
+	return t
+}
+
+// WithWebRequest - add a WebRequest to the Result
+func (w *Result) WithWebRequest(webRequest *WebRequest) *Result {
+	w.WebRequest = webRequest
+	return w
+}
+
+// WithWebResponse - add a WebResponse to the Result
+func (w *Result) WithWebResponse(webResponse *WebResponse) *Result {
+	w.WebResponse = webResponse
+	return w
+}
+
+// WithWorkItemUris - add a WorkItemUris to the Result
+func (w *Result) WithWorkItemUris(workItemUris []string) *Result {
+	w.WorkItemUris = workItemUris
+	return w
+}
+
+// AddWorkItemUri - add a single WorkItemUri to the Result
+func (w *Result) AddWorkItemUri(workItemUri string) *Result {
+	w.WorkItemUris = append(w.WorkItemUris, workItemUri)
+	return w
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/result_companion.go

@@ -0,0 +1,6 @@
+package sarif
+
+// NewRuleResult - creates a new result with the ruleID set
+func NewRuleResult(ruleID string) *Result {
+	return NewResult().WithRuleID(ruleID)
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/result_provenance.go

@@ -0,0 +1,81 @@
+package sarif
+
+// ResultProvenance - Contains information about how and when a result was detected.
+type ResultProvenance struct {
+	// An array of physicalLocation objects which specify the portions of an analysis tool's output that a converter transformed into the result.
+	ConversionSources []*PhysicalLocation `json:"conversionSources"`
+
+	// A GUID-valued string equal to the automationDetails.guid property of the run in which the result was first detected.
+	FirstDetectionRunGuID *string `json:"firstDetectionRunGuid,omitempty"`
+
+	// The Coordinated Universal Time (UTC) date and time at which the result was first detected. See "Date/time properties" in the SARIF spec for the required format.
+	FirstDetectionTimeUtc *string `json:"firstDetectionTimeUtc,omitempty"`
+
+	// The index within the run.invocations array of the invocation object which describes the tool invocation that detected the result.
+	InvocationIndex int `json:"invocationIndex"`
+
+	// A GUID-valued string equal to the automationDetails.guid property of the run in which the result was most recently detected.
+	LastDetectionRunGuID *string `json:"lastDetectionRunGuid,omitempty"`
+
+	// The Coordinated Universal Time (UTC) date and time at which the result was most recently detected. See "Date/time properties" in the SARIF spec for the required format.
+	LastDetectionTimeUtc *string `json:"lastDetectionTimeUtc,omitempty"`
+
+	// Key/value pairs that provide additional information about the result.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewResultProvenance - creates a new
+func NewResultProvenance() *ResultProvenance {
+	return &ResultProvenance{
+		ConversionSources: make([]*PhysicalLocation, 0),
+		InvocationIndex:   -1,
+	}
+}
+
+// WithConversionSources - add a ConversionSources to the ResultProvenance
+func (c *ResultProvenance) WithConversionSources(conversionSources []*PhysicalLocation) *ResultProvenance {
+	c.ConversionSources = conversionSources
+	return c
+}
+
+// AddConversionSource - add a single ConversionSource to the ResultProvenance
+func (c *ResultProvenance) AddConversionSource(conversionSource *PhysicalLocation) *ResultProvenance {
+	c.ConversionSources = append(c.ConversionSources, conversionSource)
+	return c
+}
+
+// WithFirstDetectionRunGuID - add a FirstDetectionRunGuID to the ResultProvenance
+func (f *ResultProvenance) WithFirstDetectionRunGuID(firstDetectionRunGuid string) *ResultProvenance {
+	f.FirstDetectionRunGuID = &firstDetectionRunGuid
+	return f
+}
+
+// WithFirstDetectionTimeUtc - add a FirstDetectionTimeUtc to the ResultProvenance
+func (f *ResultProvenance) WithFirstDetectionTimeUtc(firstDetectionTimeUtc string) *ResultProvenance {
+	f.FirstDetectionTimeUtc = &firstDetectionTimeUtc
+	return f
+}
+
+// WithInvocationIndex - add a InvocationIndex to the ResultProvenance
+func (i *ResultProvenance) WithInvocationIndex(invocationIndex int) *ResultProvenance {
+	i.InvocationIndex = invocationIndex
+	return i
+}
+
+// WithLastDetectionRunGuID - add a LastDetectionRunGuID to the ResultProvenance
+func (l *ResultProvenance) WithLastDetectionRunGuID(lastDetectionRunGuid string) *ResultProvenance {
+	l.LastDetectionRunGuID = &lastDetectionRunGuid
+	return l
+}
+
+// WithLastDetectionTimeUtc - add a LastDetectionTimeUtc to the ResultProvenance
+func (l *ResultProvenance) WithLastDetectionTimeUtc(lastDetectionTimeUtc string) *ResultProvenance {
+	l.LastDetectionTimeUtc = &lastDetectionTimeUtc
+	return l
+}
+
+// WithProperties - add a Properties to the ResultProvenance
+func (p *ResultProvenance) WithProperties(properties *PropertyBag) *ResultProvenance {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/run.go

@@ -0,0 +1,381 @@
+package sarif
+
+// Run - Describes a single run of an analysis tool, and contains the reported output of that run.
+type Run struct {
+	// The artifact location specified by each uriBaseId symbol on the machine where the tool originally ran.
+	OriginalUriBaseIds map[string]ArtifactLocation `json:"originalUriBaseIds,omitempty"`
+
+	// Addresses associated with this run instance, if any.
+	Addresses []*Address `json:"addresses"`
+
+	// An array of artifact objects relevant to the run.
+	Artifacts []*Artifact `json:"artifacts,omitempty"`
+
+	// Automation details that describe this run.
+	AutomationDetails *RunAutomationDetails `json:"automationDetails,omitempty"`
+
+	// The 'guid' property of a previous SARIF 'run' that comprises the baseline that was used to compute result 'baselineState' properties for the run.
+	BaselineGuID *string `json:"baselineGuid,omitempty"`
+
+	// Specifies the unit in which the tool measures columns.
+	ColumnKind *string `json:"columnKind,omitempty"`
+
+	// A conversion object that describes how a converter transformed an analysis tool's native reporting format into the SARIF format.
+	Conversion *Conversion `json:"conversion,omitempty"`
+
+	// Specifies the default encoding for any artifact object that refers to a text file.
+	DefaultEncoding *string `json:"defaultEncoding,omitempty"`
+
+	// Specifies the default source language for any artifact object that refers to a text file that contains source code.
+	DefaultSourceLanguage *string `json:"defaultSourceLanguage,omitempty"`
+
+	// References to external property files that should be inlined with the content of a root log file.
+	ExternalPropertyFileReferences *ExternalPropertyFileReferences `json:"externalPropertyFileReferences,omitempty"`
+
+	// An array of zero or more unique graph objects associated with the run.
+	Graphs []*Graph `json:"graphs"`
+
+	// Describes the invocation of the analysis tool.
+	Invocations []*Invocation `json:"invocations"`
+
+	// The language of the messages emitted into the log file during this run (expressed as an ISO 639-1 two-letter lowercase culture code) and an optional region (expressed as an ISO 3166-1 two-letter uppercase subculture code associated with a country or region). The casing is recommended but not required (in order for this data to conform to RFC5646).
+	Language string `json:"language"`
+
+	// An array of logical locations such as namespaces, types or functions.
+	LogicalLocations []*LogicalLocation `json:"logicalLocations"`
+
+	// An ordered list of character sequences that were treated as line breaks when computing region information for the run.
+	NewlineSequences []string `json:"newlineSequences"`
+
+	// Contains configurations that may potentially override both reportingDescriptor.defaultConfiguration (the tool's default severities) and invocation.configurationOverrides (severities established at run-time from the command line).
+	Policies []*ToolComponent `json:"policies"`
+
+	// Key/value pairs that provide additional information about the run.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of strings used to replace sensitive information in a redaction-aware property.
+	RedactionTokens []string `json:"redactionTokens"`
+
+	// The set of results contained in an SARIF log. The results array can be omitted when a run is solely exporting rules metadata. It must be present (but may be empty) if a log file represents an actual scan.
+	Results []*Result `json:"results"`
+
+	// Automation details that describe the aggregate of runs to which this run belongs.
+	RunAggregates []*RunAutomationDetails `json:"runAggregates"`
+
+	// A specialLocations object that defines locations of special significance to SARIF consumers.
+	SpecialLocations *SpecialLocations `json:"specialLocations,omitempty"`
+
+	// An array of toolComponent objects relevant to a taxonomy in which results are categorized.
+	Taxonomies []*ToolComponent `json:"taxonomies"`
+
+	// An array of threadFlowLocation objects cached at run level.
+	ThreadFlowLocations []*ThreadFlowLocation `json:"threadFlowLocations"`
+
+	// Information about the tool or tool pipeline that generated the results in this run. A run can only contain results produced by a single tool or tool pipeline. A run can aggregate results from multiple log files, as long as context around the tool run (tool command-line arguments and the like) is identical for all aggregated files.
+	Tool *Tool `json:"tool,omitempty"`
+
+	// The set of available translations of the localized data provided by the tool.
+	Translations []*ToolComponent `json:"translations"`
+
+	// Specifies the revision in version control of the artifacts that were scanned.
+	VersionControlProvenance []*VersionControlDetails `json:"versionControlProvenance"`
+
+	// An array of request objects cached at run level.
+	WebRequests []*WebRequest `json:"webRequests"`
+
+	// An array of response objects cached at run level.
+	WebResponses []*WebResponse `json:"webResponses"`
+}
+
+// NewRun - creates a new
+func NewRun() *Run {
+	return &Run{
+		Addresses:                make([]*Address, 0),
+		Artifacts:                make([]*Artifact, 0),
+		Graphs:                   make([]*Graph, 0),
+		Invocations:              make([]*Invocation, 0),
+		Language:                 "en-US",
+		LogicalLocations:         make([]*LogicalLocation, 0),
+		NewlineSequences:         []string{"\r\n", "\n"},
+		Policies:                 make([]*ToolComponent, 0),
+		RedactionTokens:          make([]string, 0),
+		Results:                  make([]*Result, 0),
+		RunAggregates:            make([]*RunAutomationDetails, 0),
+		Taxonomies:               make([]*ToolComponent, 0),
+		ThreadFlowLocations:      make([]*ThreadFlowLocation, 0),
+		Translations:             make([]*ToolComponent, 0),
+		VersionControlProvenance: make([]*VersionControlDetails, 0),
+		WebRequests:              make([]*WebRequest, 0),
+		WebResponses:             make([]*WebResponse, 0),
+	}
+}
+
+// AddOriginalUriBaseId - add a single OriginalUriBaseId to the Run
+func (o *Run) AddOriginalUriBaseId(key string, originalUriBaseId ArtifactLocation) *Run {
+	o.OriginalUriBaseIds[key] = originalUriBaseId
+	return o
+}
+
+// WithOriginalUriBaseIds - add a OriginalUriBaseIds to the Run
+func (o *Run) WithOriginalUriBaseIds(originalUriBaseIds map[string]ArtifactLocation) *Run {
+	o.OriginalUriBaseIds = originalUriBaseIds
+	return o
+}
+
+// WithAddresses - add a Addresses to the Run
+func (a *Run) WithAddresses(addresses []*Address) *Run {
+	a.Addresses = addresses
+	return a
+}
+
+// AddAddresse - add a single Addresse to the Run
+func (a *Run) AddAddresse(addresse *Address) *Run {
+	a.Addresses = append(a.Addresses, addresse)
+	return a
+}
+
+// WithArtifacts - add a Artifacts to the Run
+func (a *Run) WithArtifacts(artifacts []*Artifact) *Run {
+	a.Artifacts = artifacts
+	return a
+}
+
+// AddArtifact - add a single Artifact to the Run
+func (a *Run) AddArtifact(artifact *Artifact) *Run {
+	a.Artifacts = append(a.Artifacts, artifact)
+	return a
+}
+
+// WithAutomationDetails - add a AutomationDetails to the Run
+func (a *Run) WithAutomationDetails(automationDetails *RunAutomationDetails) *Run {
+	a.AutomationDetails = automationDetails
+	return a
+}
+
+// WithBaselineGuID - add a BaselineGuID to the Run
+func (b *Run) WithBaselineGuID(baselineGuid string) *Run {
+	b.BaselineGuID = &baselineGuid
+	return b
+}
+
+// WithColumnKind - add a ColumnKind to the Run
+func (c *Run) WithColumnKind(columnKind string) *Run {
+	c.ColumnKind = &columnKind
+	return c
+}
+
+// WithConversion - add a Conversion to the Run
+func (c *Run) WithConversion(conversion *Conversion) *Run {
+	c.Conversion = conversion
+	return c
+}
+
+// WithDefaultEncoding - add a DefaultEncoding to the Run
+func (d *Run) WithDefaultEncoding(defaultEncoding string) *Run {
+	d.DefaultEncoding = &defaultEncoding
+	return d
+}
+
+// WithDefaultSourceLanguage - add a DefaultSourceLanguage to the Run
+func (d *Run) WithDefaultSourceLanguage(defaultSourceLanguage string) *Run {
+	d.DefaultSourceLanguage = &defaultSourceLanguage
+	return d
+}
+
+// WithExternalPropertyFileReferences - add a ExternalPropertyFileReferences to the Run
+func (e *Run) WithExternalPropertyFileReferences(externalPropertyFileReferences *ExternalPropertyFileReferences) *Run {
+	e.ExternalPropertyFileReferences = externalPropertyFileReferences
+	return e
+}
+
+// WithGraphs - add a Graphs to the Run
+func (g *Run) WithGraphs(graphs []*Graph) *Run {
+	g.Graphs = graphs
+	return g
+}
+
+// AddGraph - add a single Graph to the Run
+func (g *Run) AddGraph(graph *Graph) *Run {
+	g.Graphs = append(g.Graphs, graph)
+	return g
+}
+
+// WithInvocations - add a Invocations to the Run
+func (i *Run) WithInvocations(invocations []*Invocation) *Run {
+	i.Invocations = invocations
+	return i
+}
+
+// AddInvocation - add a single Invocation to the Run
+func (i *Run) AddInvocation(invocation *Invocation) *Run {
+	i.Invocations = append(i.Invocations, invocation)
+	return i
+}
+
+// WithLanguage - add a Language to the Run
+func (l *Run) WithLanguage(language string) *Run {
+	l.Language = language
+	return l
+}
+
+// WithLogicalLocations - add a LogicalLocations to the Run
+func (l *Run) WithLogicalLocations(logicalLocations []*LogicalLocation) *Run {
+	l.LogicalLocations = logicalLocations
+	return l
+}
+
+// AddLogicalLocation - add a single LogicalLocation to the Run
+func (l *Run) AddLogicalLocation(logicalLocation *LogicalLocation) *Run {
+	l.LogicalLocations = append(l.LogicalLocations, logicalLocation)
+	return l
+}
+
+// WithNewlineSequences - add a NewlineSequences to the Run
+func (n *Run) WithNewlineSequences(newlineSequences []string) *Run {
+	n.NewlineSequences = newlineSequences
+	return n
+}
+
+// AddNewlineSequence - add a single NewlineSequence to the Run
+func (n *Run) AddNewlineSequence(newlineSequence string) *Run {
+	n.NewlineSequences = append(n.NewlineSequences, newlineSequence)
+	return n
+}
+
+// WithPolicies - add a Policies to the Run
+func (p *Run) WithPolicies(policies []*ToolComponent) *Run {
+	p.Policies = policies
+	return p
+}
+
+// AddPolicie - add a single Policie to the Run
+func (p *Run) AddPolicie(policie *ToolComponent) *Run {
+	p.Policies = append(p.Policies, policie)
+	return p
+}
+
+// WithProperties - add a Properties to the Run
+func (p *Run) WithProperties(properties *PropertyBag) *Run {
+	p.Properties = properties
+	return p
+}
+
+// WithRedactionTokens - add a RedactionTokens to the Run
+func (r *Run) WithRedactionTokens(redactionTokens []string) *Run {
+	r.RedactionTokens = redactionTokens
+	return r
+}
+
+// AddRedactionToken - add a single RedactionToken to the Run
+func (r *Run) AddRedactionToken(redactionToken string) *Run {
+	r.RedactionTokens = append(r.RedactionTokens, redactionToken)
+	return r
+}
+
+// WithResults - add a Results to the Run
+func (r *Run) WithResults(results []*Result) *Run {
+	r.Results = results
+	return r
+}
+
+// AddResult - add a single Result to the Run
+func (r *Run) AddResult(result *Result) *Run {
+	r.Results = append(r.Results, result)
+	return r
+}
+
+// WithRunAggregates - add a RunAggregates to the Run
+func (r *Run) WithRunAggregates(runAggregates []*RunAutomationDetails) *Run {
+	r.RunAggregates = runAggregates
+	return r
+}
+
+// AddRunAggregate - add a single RunAggregate to the Run
+func (r *Run) AddRunAggregate(runAggregate *RunAutomationDetails) *Run {
+	r.RunAggregates = append(r.RunAggregates, runAggregate)
+	return r
+}
+
+// WithSpecialLocations - add a SpecialLocations to the Run
+func (s *Run) WithSpecialLocations(specialLocations *SpecialLocations) *Run {
+	s.SpecialLocations = specialLocations
+	return s
+}
+
+// WithTaxonomies - add a Taxonomies to the Run
+func (t *Run) WithTaxonomies(taxonomies []*ToolComponent) *Run {
+	t.Taxonomies = taxonomies
+	return t
+}
+
+// AddTaxonomie - add a single Taxonomie to the Run
+func (t *Run) AddTaxonomie(taxonomie *ToolComponent) *Run {
+	t.Taxonomies = append(t.Taxonomies, taxonomie)
+	return t
+}
+
+// WithThreadFlowLocations - add a ThreadFlowLocations to the Run
+func (t *Run) WithThreadFlowLocations(threadFlowLocations []*ThreadFlowLocation) *Run {
+	t.ThreadFlowLocations = threadFlowLocations
+	return t
+}
+
+// AddThreadFlowLocation - add a single ThreadFlowLocation to the Run
+func (t *Run) AddThreadFlowLocation(threadFlowLocation *ThreadFlowLocation) *Run {
+	t.ThreadFlowLocations = append(t.ThreadFlowLocations, threadFlowLocation)
+	return t
+}
+
+// WithTool - add a Tool to the Run
+func (t *Run) WithTool(tool *Tool) *Run {
+	t.Tool = tool
+	return t
+}
+
+// WithTranslations - add a Translations to the Run
+func (t *Run) WithTranslations(translations []*ToolComponent) *Run {
+	t.Translations = translations
+	return t
+}
+
+// AddTranslation - add a single Translation to the Run
+func (t *Run) AddTranslation(translation *ToolComponent) *Run {
+	t.Translations = append(t.Translations, translation)
+	return t
+}
+
+// WithVersionControlProvenance - add a VersionControlProvenance to the Run
+func (v *Run) WithVersionControlProvenance(versionControlProvenance []*VersionControlDetails) *Run {
+	v.VersionControlProvenance = versionControlProvenance
+	return v
+}
+
+// AddVersionControlProvenance - add a single VersionControlProvenance to the Run
+func (v *Run) AddVersionControlProvenance(versionControlProvenance *VersionControlDetails) *Run {
+	v.VersionControlProvenance = append(v.VersionControlProvenance, versionControlProvenance)
+	return v
+}
+
+// WithWebRequests - add a WebRequests to the Run
+func (w *Run) WithWebRequests(webRequests []*WebRequest) *Run {
+	w.WebRequests = webRequests
+	return w
+}
+
+// AddWebRequest - add a single WebRequest to the Run
+func (w *Run) AddWebRequest(webRequest *WebRequest) *Run {
+	w.WebRequests = append(w.WebRequests, webRequest)
+	return w
+}
+
+// WithWebResponses - add a WebResponses to the Run
+func (w *Run) WithWebResponses(webResponses []*WebResponse) *Run {
+	w.WebResponses = webResponses
+	return w
+}
+
+// AddWebResponse - add a single WebResponse to the Run
+func (w *Run) AddWebResponse(webResponse *WebResponse) *Run {
+	w.WebResponses = append(w.WebResponses, webResponse)
+	return w
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/run_automation_details.go

@@ -0,0 +1,54 @@
+package sarif
+
+// RunAutomationDetails - Information that describes a run's identity and role within an engineering system process.
+type RunAutomationDetails struct {
+	// A stable, unique identifier for the equivalence class of runs to which this object's containing run object belongs in the form of a GUID.
+	CorrelationGuID *string `json:"correlationGuid,omitempty"`
+
+	// A description of the identity and role played within the engineering system by this object's containing run object.
+	Description *Message `json:"description,omitempty"`
+
+	// A stable, unique identifier for this object's containing run object in the form of a GUID.
+	GuID *string `json:"guid,omitempty"`
+
+	// A hierarchical string that uniquely identifies this object's containing run object.
+	ID *string `json:"id,omitempty"`
+
+	// Key/value pairs that provide additional information about the run automation details.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewRunAutomationDetails - creates a new
+func NewRunAutomationDetails() *RunAutomationDetails {
+	return &RunAutomationDetails{}
+}
+
+// WithCorrelationGuID - add a CorrelationGuID to the RunAutomationDetails
+func (c *RunAutomationDetails) WithCorrelationGuID(correlationGuid string) *RunAutomationDetails {
+	c.CorrelationGuID = &correlationGuid
+	return c
+}
+
+// WithDescription - add a Description to the RunAutomationDetails
+func (d *RunAutomationDetails) WithDescription(description *Message) *RunAutomationDetails {
+	d.Description = description
+	return d
+}
+
+// WithGuID - add a GuID to the RunAutomationDetails
+func (g *RunAutomationDetails) WithGuID(guid string) *RunAutomationDetails {
+	g.GuID = &guid
+	return g
+}
+
+// WithID - add a ID to the RunAutomationDetails
+func (i *RunAutomationDetails) WithID(id string) *RunAutomationDetails {
+	i.ID = &id
+	return i
+}
+
+// WithProperties - add a Properties to the RunAutomationDetails
+func (p *RunAutomationDetails) WithProperties(properties *PropertyBag) *RunAutomationDetails {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/run_companion.go

@@ -0,0 +1,67 @@
+package sarif
+
+import "github.com/owenrumney/go-sarif/v3/pkg/report/utils"
+
+// AddRule returns an existing ReportingDescriptor for the ruleID or creates a new ReportingDescriptor and returns a pointer to it
+func (run *Run) AddRule(ruleID string) *ReportingDescriptor {
+	for _, rule := range run.Tool.Driver.Rules {
+		if *rule.ID == ruleID {
+			return rule
+		}
+	}
+	rule := NewRule(ruleID)
+	run.Tool.Driver.Rules = append(run.Tool.Driver.Rules, rule)
+	return rule
+}
+
+// GetRuleIndex returns the index of the rule with the given ID, or -1 if it does not exist
+func (run *Run) GetRuleIndex(ruleID string) int {
+	if run.Tool == nil || run.Tool.Driver == nil || run.Tool.Driver.Rules == nil || ruleID == "" {
+		return -1
+	}
+
+	for i, rule := range run.Tool.Driver.Rules {
+		if *rule.ID == ruleID {
+			return i
+		}
+	}
+	return -1
+}
+
+// AddDistinctArtifact will handle deduplication of simple artifact additions
+func (run *Run) AddDistinctArtifact(uri string) *Artifact {
+	for _, artifact := range run.Artifacts {
+		if *artifact.Location.URI == uri {
+			return artifact
+		}
+	}
+
+	a := NewArtifact().WithLength(utils.DefaultLengthInt)
+	a.WithLocation(NewSimpleArtifactLocation(uri))
+
+	run.Artifacts = append(run.Artifacts, a)
+	return a
+}
+
+// CreateResultForRule returns an existing Result or creates a new one and returns a pointer to it
+func (run *Run) CreateResultForRule(ruleID string) *Result {
+	ruleIndex := run.GetRuleIndex(ruleID)
+	result := NewRuleResult(ruleID).WithRuleIndex(ruleIndex)
+	run.AddResult(result)
+	return result
+}
+
+// DedupeArtifacts will remove any duplicate artifacts from the run
+func (run *Run) DedupeArtifacts() error {
+	dupes := map[*Artifact]bool{}
+	deduped := []*Artifact{}
+
+	for _, a := range run.Artifacts {
+		if _, ok := dupes[a]; !ok {
+			dupes[a] = true
+			deduped = append(deduped, a)
+		}
+	}
+	run.Artifacts = deduped
+	return nil
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/sarif.go

@@ -0,0 +1,135 @@
+package sarif
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"os"
+
+	"github.com/xeipuuv/gojsonschema"
+)
+
+type Report struct {
+	// The URI of the JSON schema corresponding to the version.
+	Schema string `json:"$schema"`
+
+	// The SARIF format version of this log file.
+	Version string `json:"version"`
+
+	// The set of runs contained in this log file.
+	Runs []*Run `json:"runs"`
+
+	// References to external property files that should be inlined with the content of a root log file.
+	InlineExternalProperties []*ExternalProperties `json:"inlineExternalProperties,omitempty"`
+
+	// Key/value pairs that provide additional information about the report.
+	Properties PropertyBag `json:"properties,omitempty"`
+}
+
+func NewReport() *Report {
+	return &Report{
+		Schema:                   "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/main/sarif-2.1/schema/sarif-schema-2.1.0.json",
+		Version:                  "2.1.0",
+		Runs:                     []*Run{},
+		InlineExternalProperties: []*ExternalProperties{},
+		Properties:               *NewPropertyBag(),
+	}
+}
+
+// AddRun adds a run to the report
+func (r *Report) AddRun(run *Run) *Report {
+	r.Runs = append(r.Runs, run)
+	return r
+}
+
+// Validate validates the report against the SARIF schema
+func (r *Report) Validate() error {
+	schemaLoader := gojsonschema.NewStringLoader(schema)
+	documentLoader := gojsonschema.NewGoLoader(r)
+	result, err := gojsonschema.Validate(schemaLoader, documentLoader)
+	if err != nil {
+		return err
+	}
+
+	var errors []string
+
+	if !result.Valid() {
+		for _, desc := range result.Errors() {
+			errors = append(errors, fmt.Sprintf("%s\n", desc.String()))
+		}
+		return fmt.Errorf("validation failed: %v", errors)
+	}
+
+	return nil
+}
+
+// NewRunWithInformationURI creates a new Run and returns a pointer to it
+func NewRunWithInformationURI(toolName, informationURI string) *Run {
+	run := NewRun()
+	run.Tool = NewTool()
+	run.Tool.Driver = NewToolComponent()
+	run.Tool.Driver.Name = &toolName
+	run.Tool.Driver.InformationURI = &informationURI
+	return run
+}
+
+// Open loads a Report from a file
+func Open(filename string) (*Report, error) {
+	if _, err := os.Stat(filename); err != nil && os.IsNotExist(err) {
+		return nil, errors.New("the provided file path doesn't have a file")
+	}
+
+	content, err := os.ReadFile(filename)
+	if err != nil {
+		return nil, fmt.Errorf("the provided filepath could not be opened. %w", err)
+	}
+	return FromBytes(content)
+}
+
+// FromString loads a Report from string content
+func FromString(content string) (*Report, error) {
+	return FromBytes([]byte(content))
+}
+
+// FromBytes loads a Report from a byte array
+func FromBytes(content []byte) (*Report, error) {
+	var report Report
+	if err := json.Unmarshal(content, &report); err != nil {
+		return nil, err
+	}
+	return &report, nil
+}
+
+// WriteFile will write the report to a file using a pretty formatter
+func (sarif *Report) WriteFile(filename string) error {
+	file, err := os.OpenFile(filename, os.O_CREATE|os.O_WRONLY, 0644)
+	if err != nil {
+		return err
+	}
+	defer func() { _ = file.Close() }()
+	return sarif.PrettyWrite(file)
+}
+
+// Write writes the JSON as a string with no formatting
+func (sarif *Report) Write(w io.Writer) error {
+	for _, run := range sarif.Runs {
+		run.DedupeArtifacts()
+	}
+	marshal, err := json.Marshal(sarif)
+	if err != nil {
+		return err
+	}
+	_, err = w.Write(marshal)
+	return err
+}
+
+// PrettyWrite writes the JSON output with indentation
+func (sarif *Report) PrettyWrite(w io.Writer) error {
+	marshal, err := json.MarshalIndent(sarif, "", "  ")
+	if err != nil {
+		return err
+	}
+	_, err = w.Write(marshal)
+	return err
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/special_locations.go

@@ -0,0 +1,27 @@
+package sarif
+
+// SpecialLocations - Defines locations of special significance to SARIF consumers.
+type SpecialLocations struct {
+	// Provides a suggestion to SARIF consumers to display file paths relative to the specified location.
+	DisplayBase *ArtifactLocation `json:"displayBase,omitempty"`
+
+	// Key/value pairs that provide additional information about the special locations.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewSpecialLocations - creates a new
+func NewSpecialLocations() *SpecialLocations {
+	return &SpecialLocations{}
+}
+
+// WithDisplayBase - add a DisplayBase to the SpecialLocations
+func (d *SpecialLocations) WithDisplayBase(displayBase *ArtifactLocation) *SpecialLocations {
+	d.DisplayBase = displayBase
+	return d
+}
+
+// WithProperties - add a Properties to the SpecialLocations
+func (p *SpecialLocations) WithProperties(properties *PropertyBag) *SpecialLocations {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/stack.go

@@ -0,0 +1,44 @@
+package sarif
+
+// Stack - A call stack that is relevant to a result.
+type Stack struct {
+	// An array of stack frames that represents a sequence of calls, rendered in reverse chronological order, that comprise the call stack.
+	Frames []*StackFrame `json:"frames,omitempty"`
+
+	// A message relevant to this call stack.
+	Message *Message `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the stack.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewStack - creates a new
+func NewStack() *Stack {
+	return &Stack{
+		Frames: make([]*StackFrame, 0),
+	}
+}
+
+// WithFrames - add a Frames to the Stack
+func (f *Stack) WithFrames(frames []*StackFrame) *Stack {
+	f.Frames = frames
+	return f
+}
+
+// AddFrame - add a single Frame to the Stack
+func (f *Stack) AddFrame(frame *StackFrame) *Stack {
+	f.Frames = append(f.Frames, frame)
+	return f
+}
+
+// WithMessage - add a Message to the Stack
+func (m *Stack) WithMessage(message *Message) *Stack {
+	m.Message = message
+	return m
+}
+
+// WithProperties - add a Properties to the Stack
+func (p *Stack) WithProperties(properties *PropertyBag) *Stack {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/stack_frame.go

@@ -0,0 +1,62 @@
+package sarif
+
+// StackFrame - A function call within a stack trace.
+type StackFrame struct {
+	// The location to which this stack frame refers.
+	Location *Location `json:"location,omitempty"`
+
+	// The name of the module that contains the code of this stack frame.
+	Module *string `json:"module,omitempty"`
+
+	// The parameters of the call that is executing.
+	Parameters []string `json:"parameters"`
+
+	// Key/value pairs that provide additional information about the stack frame.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The thread identifier of the stack frame.
+	ThreadID *int `json:"threadId,omitempty"`
+}
+
+// NewStackFrame - creates a new
+func NewStackFrame() *StackFrame {
+	return &StackFrame{
+		Parameters: make([]string, 0),
+	}
+}
+
+// WithLocation - add a Location to the StackFrame
+func (l *StackFrame) WithLocation(location *Location) *StackFrame {
+	l.Location = location
+	return l
+}
+
+// WithModule - add a Module to the StackFrame
+func (m *StackFrame) WithModule(module string) *StackFrame {
+	m.Module = &module
+	return m
+}
+
+// WithParameters - add a Parameters to the StackFrame
+func (p *StackFrame) WithParameters(parameters []string) *StackFrame {
+	p.Parameters = parameters
+	return p
+}
+
+// AddParameter - add a single Parameter to the StackFrame
+func (p *StackFrame) AddParameter(parameter string) *StackFrame {
+	p.Parameters = append(p.Parameters, parameter)
+	return p
+}
+
+// WithProperties - add a Properties to the StackFrame
+func (p *StackFrame) WithProperties(properties *PropertyBag) *StackFrame {
+	p.Properties = properties
+	return p
+}
+
+// WithThreadID - add a ThreadID to the StackFrame
+func (t *StackFrame) WithThreadID(threadId int) *StackFrame {
+	t.ThreadID = &threadId
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/suppression.go

@@ -0,0 +1,63 @@
+package sarif
+
+// Suppression - A suppression that is relevant to a result.
+type Suppression struct {
+	// A stable, unique identifier for the suprression in the form of a GUID.
+	GuID *string `json:"guid,omitempty"`
+
+	// A string representing the justification for the suppression.
+	Justification *string `json:"justification,omitempty"`
+
+	// A string that indicates where the suppression is persisted.
+	Kind *string `json:"kind,omitempty"`
+
+	// Identifies the location associated with the suppression.
+	Location *Location `json:"location,omitempty"`
+
+	// Key/value pairs that provide additional information about the suppression.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A string that indicates the review status of the suppression.
+	Status *string `json:"status,omitempty"`
+}
+
+// NewSuppression - creates a new
+func NewSuppression() *Suppression {
+	return &Suppression{}
+}
+
+// WithGuID - add a GuID to the Suppression
+func (g *Suppression) WithGuID(guid string) *Suppression {
+	g.GuID = &guid
+	return g
+}
+
+// WithJustification - add a Justification to the Suppression
+func (j *Suppression) WithJustification(justification string) *Suppression {
+	j.Justification = &justification
+	return j
+}
+
+// WithKind - add a Kind to the Suppression
+func (k *Suppression) WithKind(kind string) *Suppression {
+	k.Kind = &kind
+	return k
+}
+
+// WithLocation - add a Location to the Suppression
+func (l *Suppression) WithLocation(location *Location) *Suppression {
+	l.Location = location
+	return l
+}
+
+// WithProperties - add a Properties to the Suppression
+func (p *Suppression) WithProperties(properties *PropertyBag) *Suppression {
+	p.Properties = properties
+	return p
+}
+
+// WithStatus - add a Status to the Suppression
+func (s *Suppression) WithStatus(status string) *Suppression {
+	s.Status = &status
+	return s
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/thread_flow.go

@@ -0,0 +1,83 @@
+package sarif
+
+// ThreadFlow - Describes a sequence of code locations that specify a path through a single thread of execution such as an operating system or fiber.
+type ThreadFlow struct {
+	// Values of relevant expressions at the start of the thread flow that may change during thread flow execution.
+	InitialState map[string]MultiformatMessageString `json:"initialState,omitempty"`
+
+	// Values of relevant expressions at the start of the thread flow that remain constant.
+	ImmutableState map[string]MultiformatMessageString `json:"immutableState,omitempty"`
+
+	// An string that uniquely identifies the threadFlow within the codeFlow in which it occurs.
+	ID *string `json:"id,omitempty"`
+
+	// A temporally ordered array of 'threadFlowLocation' objects, each of which describes a location visited by the tool while producing the result.
+	Locations []*ThreadFlowLocation `json:"locations,omitempty"`
+
+	// A message relevant to the thread flow.
+	Message *Message `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the thread flow.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewThreadFlow - creates a new
+func NewThreadFlow() *ThreadFlow {
+	return &ThreadFlow{
+		Locations: make([]*ThreadFlowLocation, 0),
+	}
+}
+
+// AddInitialState - add a single InitialState to the ThreadFlow
+func (i *ThreadFlow) AddInitialState(key string, initialState MultiformatMessageString) *ThreadFlow {
+	i.InitialState[key] = initialState
+	return i
+}
+
+// WithInitialState - add a InitialState to the ThreadFlow
+func (i *ThreadFlow) WithInitialState(initialState map[string]MultiformatMessageString) *ThreadFlow {
+	i.InitialState = initialState
+	return i
+}
+
+// AddImmutableState - add a single ImmutableState to the ThreadFlow
+func (i *ThreadFlow) AddImmutableState(key string, immutableState MultiformatMessageString) *ThreadFlow {
+	i.ImmutableState[key] = immutableState
+	return i
+}
+
+// WithImmutableState - add a ImmutableState to the ThreadFlow
+func (i *ThreadFlow) WithImmutableState(immutableState map[string]MultiformatMessageString) *ThreadFlow {
+	i.ImmutableState = immutableState
+	return i
+}
+
+// WithID - add a ID to the ThreadFlow
+func (i *ThreadFlow) WithID(id string) *ThreadFlow {
+	i.ID = &id
+	return i
+}
+
+// WithLocations - add a Locations to the ThreadFlow
+func (l *ThreadFlow) WithLocations(locations []*ThreadFlowLocation) *ThreadFlow {
+	l.Locations = locations
+	return l
+}
+
+// AddLocation - add a single Location to the ThreadFlow
+func (l *ThreadFlow) AddLocation(location *ThreadFlowLocation) *ThreadFlow {
+	l.Locations = append(l.Locations, location)
+	return l
+}
+
+// WithMessage - add a Message to the ThreadFlow
+func (m *ThreadFlow) WithMessage(message *Message) *ThreadFlow {
+	m.Message = message
+	return m
+}
+
+// WithProperties - add a Properties to the ThreadFlow
+func (p *ThreadFlow) WithProperties(properties *PropertyBag) *ThreadFlow {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/thread_flow_location.go

@@ -0,0 +1,159 @@
+package sarif
+
+// ThreadFlowLocation - A location visited by an analysis tool while simulating or monitoring the execution of a program.
+type ThreadFlowLocation struct {
+	// A dictionary, each of whose keys specifies a variable or expression, the associated value of which represents the variable or expression value. For an annotation of kind 'continuation', for example, this dictionary might hold the current assumed values of a set of global variables.
+	State map[string]MultiformatMessageString `json:"state,omitempty"`
+
+	// An integer representing the temporal order in which execution reached this location.
+	ExecutionOrder int `json:"executionOrder"`
+
+	// The Coordinated Universal Time (UTC) date and time at which this location was executed.
+	ExecutionTimeUtc *string `json:"executionTimeUtc,omitempty"`
+
+	// Specifies the importance of this location in understanding the code flow in which it occurs. The order from most to least important is "essential", "important", "unimportant". Default: "important".
+	Importance string `json:"importance"`
+
+	// The index within the run threadFlowLocations array.
+	Index int `json:"index"`
+
+	// A set of distinct strings that categorize the thread flow location. Well-known kinds include 'acquire', 'release', 'enter', 'exit', 'call', 'return', 'branch', 'implicit', 'false', 'true', 'caution', 'danger', 'unknown', 'unreachable', 'taint', 'function', 'handler', 'lock', 'memory', 'resource', 'scope' and 'value'.
+	Kinds []string `json:"kinds"`
+
+	// The code location.
+	Location *Location `json:"location,omitempty"`
+
+	// The name of the module that contains the code that is executing.
+	Module *string `json:"module,omitempty"`
+
+	// An integer representing a containment hierarchy within the thread flow.
+	NestingLevel *int `json:"nestingLevel,omitempty"`
+
+	// Key/value pairs that provide additional information about the threadflow location.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The call stack leading to this location.
+	Stack *Stack `json:"stack,omitempty"`
+
+	// An array of references to rule or taxonomy reporting descriptors that are applicable to the thread flow location.
+	Taxa []*ReportingDescriptorReference `json:"taxa"`
+
+	// A web request associated with this thread flow location.
+	WebRequest *WebRequest `json:"webRequest,omitempty"`
+
+	// A web response associated with this thread flow location.
+	WebResponse *WebResponse `json:"webResponse,omitempty"`
+}
+
+// NewThreadFlowLocation - creates a new
+func NewThreadFlowLocation() *ThreadFlowLocation {
+	return &ThreadFlowLocation{
+		ExecutionOrder: -1,
+		Importance:     "important",
+		Index:          -1,
+		Kinds:          make([]string, 0),
+		Taxa:           make([]*ReportingDescriptorReference, 0),
+	}
+}
+
+// AddState - add a single State to the ThreadFlowLocation
+func (s *ThreadFlowLocation) AddState(key string, state MultiformatMessageString) *ThreadFlowLocation {
+	s.State[key] = state
+	return s
+}
+
+// WithState - add a State to the ThreadFlowLocation
+func (s *ThreadFlowLocation) WithState(state map[string]MultiformatMessageString) *ThreadFlowLocation {
+	s.State = state
+	return s
+}
+
+// WithExecutionOrder - add a ExecutionOrder to the ThreadFlowLocation
+func (e *ThreadFlowLocation) WithExecutionOrder(executionOrder int) *ThreadFlowLocation {
+	e.ExecutionOrder = executionOrder
+	return e
+}
+
+// WithExecutionTimeUtc - add a ExecutionTimeUtc to the ThreadFlowLocation
+func (e *ThreadFlowLocation) WithExecutionTimeUtc(executionTimeUtc string) *ThreadFlowLocation {
+	e.ExecutionTimeUtc = &executionTimeUtc
+	return e
+}
+
+// WithImportance - add a Importance to the ThreadFlowLocation
+func (i *ThreadFlowLocation) WithImportance(importance string) *ThreadFlowLocation {
+	i.Importance = importance
+	return i
+}
+
+// WithIndex - add a Index to the ThreadFlowLocation
+func (i *ThreadFlowLocation) WithIndex(index int) *ThreadFlowLocation {
+	i.Index = index
+	return i
+}
+
+// WithKinds - add a Kinds to the ThreadFlowLocation
+func (k *ThreadFlowLocation) WithKinds(kinds []string) *ThreadFlowLocation {
+	k.Kinds = kinds
+	return k
+}
+
+// AddKind - add a single Kind to the ThreadFlowLocation
+func (k *ThreadFlowLocation) AddKind(kind string) *ThreadFlowLocation {
+	k.Kinds = append(k.Kinds, kind)
+	return k
+}
+
+// WithLocation - add a Location to the ThreadFlowLocation
+func (l *ThreadFlowLocation) WithLocation(location *Location) *ThreadFlowLocation {
+	l.Location = location
+	return l
+}
+
+// WithModule - add a Module to the ThreadFlowLocation
+func (m *ThreadFlowLocation) WithModule(module string) *ThreadFlowLocation {
+	m.Module = &module
+	return m
+}
+
+// WithNestingLevel - add a NestingLevel to the ThreadFlowLocation
+func (n *ThreadFlowLocation) WithNestingLevel(nestingLevel int) *ThreadFlowLocation {
+	n.NestingLevel = &nestingLevel
+	return n
+}
+
+// WithProperties - add a Properties to the ThreadFlowLocation
+func (p *ThreadFlowLocation) WithProperties(properties *PropertyBag) *ThreadFlowLocation {
+	p.Properties = properties
+	return p
+}
+
+// WithStack - add a Stack to the ThreadFlowLocation
+func (s *ThreadFlowLocation) WithStack(stack *Stack) *ThreadFlowLocation {
+	s.Stack = stack
+	return s
+}
+
+// WithTaxa - add a Taxa to the ThreadFlowLocation
+func (t *ThreadFlowLocation) WithTaxa(taxa []*ReportingDescriptorReference) *ThreadFlowLocation {
+	t.Taxa = taxa
+	return t
+}
+
+// AddTaxa - add a single Taxa to the ThreadFlowLocation
+func (t *ThreadFlowLocation) AddTaxa(taxa *ReportingDescriptorReference) *ThreadFlowLocation {
+	t.Taxa = append(t.Taxa, taxa)
+	return t
+}
+
+// WithWebRequest - add a WebRequest to the ThreadFlowLocation
+func (w *ThreadFlowLocation) WithWebRequest(webRequest *WebRequest) *ThreadFlowLocation {
+	w.WebRequest = webRequest
+	return w
+}
+
+// WithWebResponse - add a WebResponse to the ThreadFlowLocation
+func (w *ThreadFlowLocation) WithWebResponse(webResponse *WebResponse) *ThreadFlowLocation {
+	w.WebResponse = webResponse
+	return w
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/tool.go

@@ -0,0 +1,44 @@
+package sarif
+
+// Tool - The analysis tool that was run.
+type Tool struct {
+	// The analysis tool that was run.
+	Driver *ToolComponent `json:"driver,omitempty"`
+
+	// Tool extensions that contributed to or reconfigured the analysis tool that was run.
+	Extensions []*ToolComponent `json:"extensions"`
+
+	// Key/value pairs that provide additional information about the tool.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewTool - creates a new
+func NewTool() *Tool {
+	return &Tool{
+		Extensions: make([]*ToolComponent, 0),
+	}
+}
+
+// WithDriver - add a Driver to the Tool
+func (d *Tool) WithDriver(driver *ToolComponent) *Tool {
+	d.Driver = driver
+	return d
+}
+
+// WithExtensions - add a Extensions to the Tool
+func (e *Tool) WithExtensions(extensions []*ToolComponent) *Tool {
+	e.Extensions = extensions
+	return e
+}
+
+// AddExtension - add a single Extension to the Tool
+func (e *Tool) AddExtension(extension *ToolComponent) *Tool {
+	e.Extensions = append(e.Extensions, extension)
+	return e
+}
+
+// WithProperties - add a Properties to the Tool
+func (p *Tool) WithProperties(properties *PropertyBag) *Tool {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/tool_component.go

@@ -0,0 +1,312 @@
+package sarif
+
+// ToolComponent - A component, such as a plug-in or the driver, of the analysis tool that was run.
+type ToolComponent struct {
+	// A dictionary, each of whose keys is a resource identifier and each of whose values is a multiformatMessageString object, which holds message strings in plain text and (optionally) Markdown format. The strings can include placeholders, which can be used to construct a message in combination with an arbitrary number of additional string arguments.
+	GlobalMessageStrings map[string]MultiformatMessageString `json:"globalMessageStrings,omitempty"`
+
+	// The component which is strongly associated with this component. For a translation, this refers to the component which has been translated. For an extension, this is the driver that provides the extension's plugin model.
+	AssociatedComponent *ToolComponentReference `json:"associatedComponent,omitempty"`
+
+	// The kinds of data contained in this object.
+	Contents []string `json:"contents"`
+
+	// The binary version of the tool component's primary executable file expressed as four non-negative integers separated by a period (for operating systems that express file versions in this way).
+	DottedQuadFileVersion *string `json:"dottedQuadFileVersion,omitempty"`
+
+	// The absolute URI from which the tool component can be downloaded.
+	DownloadURI *string `json:"downloadUri,omitempty"`
+
+	// A comprehensive description of the tool component.
+	FullDescription *MultiformatMessageString `json:"fullDescription,omitempty"`
+
+	// The name of the tool component along with its version and any other useful identifying information, such as its locale.
+	FullName *string `json:"fullName,omitempty"`
+
+	// A unique identifier for the tool component in the form of a GUID.
+	GuID *string `json:"guid,omitempty"`
+
+	// The absolute URI at which information about this version of the tool component can be found.
+	InformationURI *string `json:"informationUri,omitempty"`
+
+	// Specifies whether this object contains a complete definition of the localizable and/or non-localizable data for this component, as opposed to including only data that is relevant to the results persisted to this log file.
+	IsComprehensive bool `json:"isComprehensive"`
+
+	// The language of the messages emitted into the log file during this run (expressed as an ISO 639-1 two-letter lowercase language code) and an optional region (expressed as an ISO 3166-1 two-letter uppercase subculture code associated with a country or region). The casing is recommended but not required (in order for this data to conform to RFC5646).
+	Language string `json:"language"`
+
+	// The semantic version of the localized strings defined in this component; maintained by components that provide translations.
+	LocalizedDataSemanticVersion *string `json:"localizedDataSemanticVersion,omitempty"`
+
+	// An array of the artifactLocation objects associated with the tool component.
+	Locations []*ArtifactLocation `json:"locations"`
+
+	// The minimum value of localizedDataSemanticVersion required in translations consumed by this component; used by components that consume translations.
+	MinimumRequiredLocalizedDataSemanticVersion *string `json:"minimumRequiredLocalizedDataSemanticVersion,omitempty"`
+
+	// The name of the tool component.
+	Name *string `json:"name,omitempty"`
+
+	// An array of reportingDescriptor objects relevant to the notifications related to the configuration and runtime execution of the tool component.
+	Notifications []*ReportingDescriptor `json:"notifications"`
+
+	// The organization or company that produced the tool component.
+	Organization *string `json:"organization,omitempty"`
+
+	// A product suite to which the tool component belongs.
+	Product *string `json:"product,omitempty"`
+
+	// A localizable string containing the name of the suite of products to which the tool component belongs.
+	ProductSuite *string `json:"productSuite,omitempty"`
+
+	// Key/value pairs that provide additional information about the tool component.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A string specifying the UTC date (and optionally, the time) of the component's release.
+	ReleaseDateUtc *string `json:"releaseDateUtc,omitempty"`
+
+	// An array of reportingDescriptor objects relevant to the analysis performed by the tool component.
+	Rules []*ReportingDescriptor `json:"rules"`
+
+	// The tool component version in the format specified by Semantic Versioning 2.0.
+	SemanticVersion *string `json:"semanticVersion,omitempty"`
+
+	// A brief description of the tool component.
+	ShortDescription *MultiformatMessageString `json:"shortDescription,omitempty"`
+
+	// An array of toolComponentReference objects to declare the taxonomies supported by the tool component.
+	SupportedTaxonomies []*ToolComponentReference `json:"supportedTaxonomies"`
+
+	// An array of reportingDescriptor objects relevant to the definitions of both standalone and tool-defined taxonomies.
+	Taxa []*ReportingDescriptor `json:"taxa"`
+
+	// Translation metadata, required for a translation, not populated by other component types.
+	TranslationMetadata *TranslationMetadata `json:"translationMetadata,omitempty"`
+
+	// The tool component version, in whatever format the component natively provides.
+	Version *string `json:"version,omitempty"`
+}
+
+// NewToolComponent - creates a new
+func NewToolComponent() *ToolComponent {
+	return &ToolComponent{
+		Contents:            []string{"localizedData", "nonLocalizedData"},
+		IsComprehensive:     false,
+		Language:            "en-US",
+		Locations:           make([]*ArtifactLocation, 0),
+		Notifications:       make([]*ReportingDescriptor, 0),
+		Rules:               make([]*ReportingDescriptor, 0),
+		SupportedTaxonomies: make([]*ToolComponentReference, 0),
+		Taxa:                make([]*ReportingDescriptor, 0),
+	}
+}
+
+// AddGlobalMessageString - add a single GlobalMessageString to the ToolComponent
+func (g *ToolComponent) AddGlobalMessageString(key string, globalMessageString MultiformatMessageString) *ToolComponent {
+	g.GlobalMessageStrings[key] = globalMessageString
+	return g
+}
+
+// WithGlobalMessageStrings - add a GlobalMessageStrings to the ToolComponent
+func (g *ToolComponent) WithGlobalMessageStrings(globalMessageStrings map[string]MultiformatMessageString) *ToolComponent {
+	g.GlobalMessageStrings = globalMessageStrings
+	return g
+}
+
+// WithAssociatedComponent - add a AssociatedComponent to the ToolComponent
+func (a *ToolComponent) WithAssociatedComponent(associatedComponent *ToolComponentReference) *ToolComponent {
+	a.AssociatedComponent = associatedComponent
+	return a
+}
+
+// WithContents - add a Contents to the ToolComponent
+func (c *ToolComponent) WithContents(contents []string) *ToolComponent {
+	c.Contents = contents
+	return c
+}
+
+// AddContent - add a single Content to the ToolComponent
+func (c *ToolComponent) AddContent(content string) *ToolComponent {
+	c.Contents = append(c.Contents, content)
+	return c
+}
+
+// WithDottedQuadFileVersion - add a DottedQuadFileVersion to the ToolComponent
+func (d *ToolComponent) WithDottedQuadFileVersion(dottedQuadFileVersion string) *ToolComponent {
+	d.DottedQuadFileVersion = &dottedQuadFileVersion
+	return d
+}
+
+// WithDownloadURI - add a DownloadURI to the ToolComponent
+func (d *ToolComponent) WithDownloadURI(downloadUri string) *ToolComponent {
+	d.DownloadURI = &downloadUri
+	return d
+}
+
+// WithFullDescription - add a FullDescription to the ToolComponent
+func (f *ToolComponent) WithFullDescription(fullDescription *MultiformatMessageString) *ToolComponent {
+	f.FullDescription = fullDescription
+	return f
+}
+
+// WithFullName - add a FullName to the ToolComponent
+func (f *ToolComponent) WithFullName(fullName string) *ToolComponent {
+	f.FullName = &fullName
+	return f
+}
+
+// WithGuID - add a GuID to the ToolComponent
+func (g *ToolComponent) WithGuID(guid string) *ToolComponent {
+	g.GuID = &guid
+	return g
+}
+
+// WithInformationURI - add a InformationURI to the ToolComponent
+func (i *ToolComponent) WithInformationURI(informationUri string) *ToolComponent {
+	i.InformationURI = &informationUri
+	return i
+}
+
+// WithIsComprehensive - add a IsComprehensive to the ToolComponent
+func (i *ToolComponent) WithIsComprehensive(isComprehensive bool) *ToolComponent {
+	i.IsComprehensive = isComprehensive
+	return i
+}
+
+// WithLanguage - add a Language to the ToolComponent
+func (l *ToolComponent) WithLanguage(language string) *ToolComponent {
+	l.Language = language
+	return l
+}
+
+// WithLocalizedDataSemanticVersion - add a LocalizedDataSemanticVersion to the ToolComponent
+func (l *ToolComponent) WithLocalizedDataSemanticVersion(localizedDataSemanticVersion string) *ToolComponent {
+	l.LocalizedDataSemanticVersion = &localizedDataSemanticVersion
+	return l
+}
+
+// WithLocations - add a Locations to the ToolComponent
+func (l *ToolComponent) WithLocations(locations []*ArtifactLocation) *ToolComponent {
+	l.Locations = locations
+	return l
+}
+
+// AddLocation - add a single Location to the ToolComponent
+func (l *ToolComponent) AddLocation(location *ArtifactLocation) *ToolComponent {
+	l.Locations = append(l.Locations, location)
+	return l
+}
+
+// WithMinimumRequiredLocalizedDataSemanticVersion - add a MinimumRequiredLocalizedDataSemanticVersion to the ToolComponent
+func (m *ToolComponent) WithMinimumRequiredLocalizedDataSemanticVersion(minimumRequiredLocalizedDataSemanticVersion string) *ToolComponent {
+	m.MinimumRequiredLocalizedDataSemanticVersion = &minimumRequiredLocalizedDataSemanticVersion
+	return m
+}
+
+// WithName - add a Name to the ToolComponent
+func (n *ToolComponent) WithName(name string) *ToolComponent {
+	n.Name = &name
+	return n
+}
+
+// WithNotifications - add a Notifications to the ToolComponent
+func (n *ToolComponent) WithNotifications(notifications []*ReportingDescriptor) *ToolComponent {
+	n.Notifications = notifications
+	return n
+}
+
+// AddNotification - add a single Notification to the ToolComponent
+func (n *ToolComponent) AddNotification(notification *ReportingDescriptor) *ToolComponent {
+	n.Notifications = append(n.Notifications, notification)
+	return n
+}
+
+// WithOrganization - add a Organization to the ToolComponent
+func (o *ToolComponent) WithOrganization(organization string) *ToolComponent {
+	o.Organization = &organization
+	return o
+}
+
+// WithProduct - add a Product to the ToolComponent
+func (p *ToolComponent) WithProduct(product string) *ToolComponent {
+	p.Product = &product
+	return p
+}
+
+// WithProductSuite - add a ProductSuite to the ToolComponent
+func (p *ToolComponent) WithProductSuite(productSuite string) *ToolComponent {
+	p.ProductSuite = &productSuite
+	return p
+}
+
+// WithProperties - add a Properties to the ToolComponent
+func (p *ToolComponent) WithProperties(properties *PropertyBag) *ToolComponent {
+	p.Properties = properties
+	return p
+}
+
+// WithReleaseDateUtc - add a ReleaseDateUtc to the ToolComponent
+func (r *ToolComponent) WithReleaseDateUtc(releaseDateUtc string) *ToolComponent {
+	r.ReleaseDateUtc = &releaseDateUtc
+	return r
+}
+
+// WithRules - add a Rules to the ToolComponent
+func (r *ToolComponent) WithRules(rules []*ReportingDescriptor) *ToolComponent {
+	r.Rules = rules
+	return r
+}
+
+// AddRule - add a single Rule to the ToolComponent
+func (r *ToolComponent) AddRule(rule *ReportingDescriptor) *ToolComponent {
+	r.Rules = append(r.Rules, rule)
+	return r
+}
+
+// WithSemanticVersion - add a SemanticVersion to the ToolComponent
+func (s *ToolComponent) WithSemanticVersion(semanticVersion string) *ToolComponent {
+	s.SemanticVersion = &semanticVersion
+	return s
+}
+
+// WithShortDescription - add a ShortDescription to the ToolComponent
+func (s *ToolComponent) WithShortDescription(shortDescription *MultiformatMessageString) *ToolComponent {
+	s.ShortDescription = shortDescription
+	return s
+}
+
+// WithSupportedTaxonomies - add a SupportedTaxonomies to the ToolComponent
+func (s *ToolComponent) WithSupportedTaxonomies(supportedTaxonomies []*ToolComponentReference) *ToolComponent {
+	s.SupportedTaxonomies = supportedTaxonomies
+	return s
+}
+
+// AddSupportedTaxonomie - add a single SupportedTaxonomie to the ToolComponent
+func (s *ToolComponent) AddSupportedTaxonomie(supportedTaxonomie *ToolComponentReference) *ToolComponent {
+	s.SupportedTaxonomies = append(s.SupportedTaxonomies, supportedTaxonomie)
+	return s
+}
+
+// WithTaxa - add a Taxa to the ToolComponent
+func (t *ToolComponent) WithTaxa(taxa []*ReportingDescriptor) *ToolComponent {
+	t.Taxa = taxa
+	return t
+}
+
+// AddTaxa - add a single Taxa to the ToolComponent
+func (t *ToolComponent) AddTaxa(taxa *ReportingDescriptor) *ToolComponent {
+	t.Taxa = append(t.Taxa, taxa)
+	return t
+}
+
+// WithTranslationMetadata - add a TranslationMetadata to the ToolComponent
+func (t *ToolComponent) WithTranslationMetadata(translationMetadata *TranslationMetadata) *ToolComponent {
+	t.TranslationMetadata = translationMetadata
+	return t
+}
+
+// WithVersion - add a Version to the ToolComponent
+func (v *ToolComponent) WithVersion(version string) *ToolComponent {
+	v.Version = &version
+	return v
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/tool_component_reference.go

@@ -0,0 +1,47 @@
+package sarif
+
+// ToolComponentReference - Identifies a particular toolComponent object, either the driver or an extension.
+type ToolComponentReference struct {
+	// The 'guid' property of the referenced toolComponent.
+	GuID *string `json:"guid,omitempty"`
+
+	// An index into the referenced toolComponent in tool.extensions.
+	Index int `json:"index"`
+
+	// The 'name' property of the referenced toolComponent.
+	Name *string `json:"name,omitempty"`
+
+	// Key/value pairs that provide additional information about the toolComponentReference.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewToolComponentReference - creates a new
+func NewToolComponentReference() *ToolComponentReference {
+	return &ToolComponentReference{
+		Index: -1,
+	}
+}
+
+// WithGuID - add a GuID to the ToolComponentReference
+func (g *ToolComponentReference) WithGuID(guid string) *ToolComponentReference {
+	g.GuID = &guid
+	return g
+}
+
+// WithIndex - add a Index to the ToolComponentReference
+func (i *ToolComponentReference) WithIndex(index int) *ToolComponentReference {
+	i.Index = index
+	return i
+}
+
+// WithName - add a Name to the ToolComponentReference
+func (n *ToolComponentReference) WithName(name string) *ToolComponentReference {
+	n.Name = &name
+	return n
+}
+
+// WithProperties - add a Properties to the ToolComponentReference
+func (p *ToolComponentReference) WithProperties(properties *PropertyBag) *ToolComponentReference {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/translation_metadata.go

@@ -0,0 +1,72 @@
+package sarif
+
+// TranslationMetadata - Provides additional metadata related to translation.
+type TranslationMetadata struct {
+	// The absolute URI from which the translation metadata can be downloaded.
+	DownloadURI *string `json:"downloadUri,omitempty"`
+
+	// A comprehensive description of the translation metadata.
+	FullDescription *MultiformatMessageString `json:"fullDescription,omitempty"`
+
+	// The full name associated with the translation metadata.
+	FullName *string `json:"fullName,omitempty"`
+
+	// The absolute URI from which information related to the translation metadata can be downloaded.
+	InformationURI *string `json:"informationUri,omitempty"`
+
+	// The name associated with the translation metadata.
+	Name *string `json:"name,omitempty"`
+
+	// Key/value pairs that provide additional information about the translation metadata.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A brief description of the translation metadata.
+	ShortDescription *MultiformatMessageString `json:"shortDescription,omitempty"`
+}
+
+// NewTranslationMetadata - creates a new
+func NewTranslationMetadata() *TranslationMetadata {
+	return &TranslationMetadata{}
+}
+
+// WithDownloadURI - add a DownloadURI to the TranslationMetadata
+func (d *TranslationMetadata) WithDownloadURI(downloadUri string) *TranslationMetadata {
+	d.DownloadURI = &downloadUri
+	return d
+}
+
+// WithFullDescription - add a FullDescription to the TranslationMetadata
+func (f *TranslationMetadata) WithFullDescription(fullDescription *MultiformatMessageString) *TranslationMetadata {
+	f.FullDescription = fullDescription
+	return f
+}
+
+// WithFullName - add a FullName to the TranslationMetadata
+func (f *TranslationMetadata) WithFullName(fullName string) *TranslationMetadata {
+	f.FullName = &fullName
+	return f
+}
+
+// WithInformationURI - add a InformationURI to the TranslationMetadata
+func (i *TranslationMetadata) WithInformationURI(informationUri string) *TranslationMetadata {
+	i.InformationURI = &informationUri
+	return i
+}
+
+// WithName - add a Name to the TranslationMetadata
+func (n *TranslationMetadata) WithName(name string) *TranslationMetadata {
+	n.Name = &name
+	return n
+}
+
+// WithProperties - add a Properties to the TranslationMetadata
+func (p *TranslationMetadata) WithProperties(properties *PropertyBag) *TranslationMetadata {
+	p.Properties = properties
+	return p
+}
+
+// WithShortDescription - add a ShortDescription to the TranslationMetadata
+func (s *TranslationMetadata) WithShortDescription(shortDescription *MultiformatMessageString) *TranslationMetadata {
+	s.ShortDescription = shortDescription
+	return s
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/version_control_details.go

@@ -0,0 +1,72 @@
+package sarif
+
+// VersionControlDetails - Specifies the information necessary to retrieve a desired revision from a version control system.
+type VersionControlDetails struct {
+	// A Coordinated Universal Time (UTC) date and time that can be used to synchronize an enlistment to the state of the repository at that time.
+	AsOfTimeUtc *string `json:"asOfTimeUtc,omitempty"`
+
+	// The name of a branch containing the revision.
+	Branch *string `json:"branch,omitempty"`
+
+	// The location in the local file system to which the root of the repository was mapped at the time of the analysis.
+	MappedTo *ArtifactLocation `json:"mappedTo,omitempty"`
+
+	// Key/value pairs that provide additional information about the version control details.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The absolute URI of the repository.
+	RepositoryURI *string `json:"repositoryUri,omitempty"`
+
+	// A string that uniquely and permanently identifies the revision within the repository.
+	RevisionID *string `json:"revisionId,omitempty"`
+
+	// A tag that has been applied to the revision.
+	RevisionTag *string `json:"revisionTag,omitempty"`
+}
+
+// NewVersionControlDetails - creates a new
+func NewVersionControlDetails() *VersionControlDetails {
+	return &VersionControlDetails{}
+}
+
+// WithAsOfTimeUtc - add a AsOfTimeUtc to the VersionControlDetails
+func (a *VersionControlDetails) WithAsOfTimeUtc(asOfTimeUtc string) *VersionControlDetails {
+	a.AsOfTimeUtc = &asOfTimeUtc
+	return a
+}
+
+// WithBranch - add a Branch to the VersionControlDetails
+func (b *VersionControlDetails) WithBranch(branch string) *VersionControlDetails {
+	b.Branch = &branch
+	return b
+}
+
+// WithMappedTo - add a MappedTo to the VersionControlDetails
+func (m *VersionControlDetails) WithMappedTo(mappedTo *ArtifactLocation) *VersionControlDetails {
+	m.MappedTo = mappedTo
+	return m
+}
+
+// WithProperties - add a Properties to the VersionControlDetails
+func (p *VersionControlDetails) WithProperties(properties *PropertyBag) *VersionControlDetails {
+	p.Properties = properties
+	return p
+}
+
+// WithRepositoryURI - add a RepositoryURI to the VersionControlDetails
+func (r *VersionControlDetails) WithRepositoryURI(repositoryUri string) *VersionControlDetails {
+	r.RepositoryURI = &repositoryUri
+	return r
+}
+
+// WithRevisionID - add a RevisionID to the VersionControlDetails
+func (r *VersionControlDetails) WithRevisionID(revisionId string) *VersionControlDetails {
+	r.RevisionID = &revisionId
+	return r
+}
+
+// WithRevisionTag - add a RevisionTag to the VersionControlDetails
+func (r *VersionControlDetails) WithRevisionTag(revisionTag string) *VersionControlDetails {
+	r.RevisionTag = &revisionTag
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/web_request.go

@@ -0,0 +1,104 @@
+package sarif
+
+// WebRequest - Describes an HTTP request.
+type WebRequest struct {
+	// The request headers.
+	Headers map[string]string `json:"headers,omitempty"`
+
+	// The request parameters.
+	Parameters map[string]string `json:"parameters,omitempty"`
+
+	// The body of the request.
+	Body *ArtifactContent `json:"body,omitempty"`
+
+	// The index within the run.webRequests array of the request object associated with this result.
+	Index int `json:"index"`
+
+	// The HTTP method. Well-known values are 'GET', 'PUT', 'POST', 'DELETE', 'PATCH', 'HEAD', 'OPTIONS', 'TRACE', 'CONNECT'.
+	Method *string `json:"method,omitempty"`
+
+	// Key/value pairs that provide additional information about the request.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The request protocol. Example: 'http'.
+	Protocol *string `json:"protocol,omitempty"`
+
+	// The target of the request.
+	Target *string `json:"target,omitempty"`
+
+	// The request version. Example: '1.1'.
+	Version *string `json:"version,omitempty"`
+}
+
+// NewWebRequest - creates a new
+func NewWebRequest() *WebRequest {
+	return &WebRequest{
+		Index: -1,
+	}
+}
+
+// AddHeader - add a single Header to the WebRequest
+func (h *WebRequest) AddHeader(key, header string) *WebRequest {
+	h.Headers[key] = header
+	return h
+}
+
+// WithHeaders - add a Headers to the WebRequest
+func (h *WebRequest) WithHeaders(headers map[string]string) *WebRequest {
+	h.Headers = headers
+	return h
+}
+
+// AddParameter - add a single Parameter to the WebRequest
+func (p *WebRequest) AddParameter(key, parameter string) *WebRequest {
+	p.Parameters[key] = parameter
+	return p
+}
+
+// WithParameters - add a Parameters to the WebRequest
+func (p *WebRequest) WithParameters(parameters map[string]string) *WebRequest {
+	p.Parameters = parameters
+	return p
+}
+
+// WithBody - add a Body to the WebRequest
+func (b *WebRequest) WithBody(body *ArtifactContent) *WebRequest {
+	b.Body = body
+	return b
+}
+
+// WithIndex - add a Index to the WebRequest
+func (i *WebRequest) WithIndex(index int) *WebRequest {
+	i.Index = index
+	return i
+}
+
+// WithMethod - add a Method to the WebRequest
+func (m *WebRequest) WithMethod(method string) *WebRequest {
+	m.Method = &method
+	return m
+}
+
+// WithProperties - add a Properties to the WebRequest
+func (p *WebRequest) WithProperties(properties *PropertyBag) *WebRequest {
+	p.Properties = properties
+	return p
+}
+
+// WithProtocol - add a Protocol to the WebRequest
+func (p *WebRequest) WithProtocol(protocol string) *WebRequest {
+	p.Protocol = &protocol
+	return p
+}
+
+// WithTarget - add a Target to the WebRequest
+func (t *WebRequest) WithTarget(target string) *WebRequest {
+	t.Target = &target
+	return t
+}
+
+// WithVersion - add a Version to the WebRequest
+func (v *WebRequest) WithVersion(version string) *WebRequest {
+	v.Version = &version
+	return v
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif/web_response.go

@@ -0,0 +1,99 @@
+package sarif
+
+// WebResponse - Describes the response to an HTTP request.
+type WebResponse struct {
+	// The response headers.
+	Headers map[string]string `json:"headers,omitempty"`
+
+	// The body of the response.
+	Body *ArtifactContent `json:"body,omitempty"`
+
+	// The index within the run.webResponses array of the response object associated with this result.
+	Index int `json:"index"`
+
+	// Specifies whether a response was received from the server.
+	NoResponseReceived bool `json:"noResponseReceived"`
+
+	// Key/value pairs that provide additional information about the response.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The response protocol. Example: 'http'.
+	Protocol *string `json:"protocol,omitempty"`
+
+	// The response reason. Example: 'Not found'.
+	ReasonPhrase *string `json:"reasonPhrase,omitempty"`
+
+	// The response status code. Example: 451.
+	StatusCode *int `json:"statusCode,omitempty"`
+
+	// The response version. Example: '1.1'.
+	Version *string `json:"version,omitempty"`
+}
+
+// NewWebResponse - creates a new
+func NewWebResponse() *WebResponse {
+	return &WebResponse{
+		Index:              -1,
+		NoResponseReceived: false,
+	}
+}
+
+// AddHeader - add a single Header to the WebResponse
+func (h *WebResponse) AddHeader(key, header string) *WebResponse {
+	h.Headers[key] = header
+	return h
+}
+
+// WithHeaders - add a Headers to the WebResponse
+func (h *WebResponse) WithHeaders(headers map[string]string) *WebResponse {
+	h.Headers = headers
+	return h
+}
+
+// WithBody - add a Body to the WebResponse
+func (b *WebResponse) WithBody(body *ArtifactContent) *WebResponse {
+	b.Body = body
+	return b
+}
+
+// WithIndex - add a Index to the WebResponse
+func (i *WebResponse) WithIndex(index int) *WebResponse {
+	i.Index = index
+	return i
+}
+
+// WithNoResponseReceived - add a NoResponseReceived to the WebResponse
+func (n *WebResponse) WithNoResponseReceived(noResponseReceived bool) *WebResponse {
+	n.NoResponseReceived = noResponseReceived
+	return n
+}
+
+// WithProperties - add a Properties to the WebResponse
+func (p *WebResponse) WithProperties(properties *PropertyBag) *WebResponse {
+	p.Properties = properties
+	return p
+}
+
+// WithProtocol - add a Protocol to the WebResponse
+func (p *WebResponse) WithProtocol(protocol string) *WebResponse {
+	p.Protocol = &protocol
+	return p
+}
+
+// WithReasonPhrase - add a ReasonPhrase to the WebResponse
+func (r *WebResponse) WithReasonPhrase(reasonPhrase string) *WebResponse {
+	r.ReasonPhrase = &reasonPhrase
+	return r
+}
+
+// WithStatusCode - add a StatusCode to the WebResponse
+func (s *WebResponse) WithStatusCode(statusCode int) *WebResponse {
+	s.StatusCode = &statusCode
+	return s
+}
+
+// WithVersion - add a Version to the WebResponse
+func (v *WebResponse) WithVersion(version string) *WebResponse {
+	v.Version = &version
+	return v
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/address.go

@@ -0,0 +1,103 @@
+package sarif
+
+// Address - A physical or virtual address, or a range of addresses, in an 'addressable region' (memory or a binary file).
+type Address struct {
+	// The address expressed as a byte offset from the start of the addressable region.
+	AbsoluteAddress int `json:"absoluteAddress"`
+
+	// A human-readable fully qualified name that is associated with the address.
+	FullyQualifiedName *string `json:"fullyQualifiedName,omitempty"`
+
+	// The index within run.addresses of the cached object for this address.
+	Index int `json:"index"`
+
+	// An open-ended string that identifies the address kind. 'data', 'function', 'header','instruction', 'module', 'page', 'section', 'segment', 'stack', 'stackFrame', 'table' are well-known values.
+	Kind *string `json:"kind,omitempty"`
+
+	// The number of bytes in this range of addresses.
+	Length *int `json:"length,omitempty"`
+
+	// A name that is associated with the address, e.g., '.text'.
+	Name *string `json:"name,omitempty"`
+
+	// The byte offset of this address from the absolute or relative address of the parent object.
+	OffsetFromParent *int `json:"offsetFromParent,omitempty"`
+
+	// The index within run.addresses of the parent object.
+	ParentIndex int `json:"parentIndex"`
+
+	// Key/value pairs that provide additional information about the address.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The address expressed as a byte offset from the absolute address of the top-most parent object.
+	RelativeAddress *int `json:"relativeAddress,omitempty"`
+}
+
+// NewAddress - creates a new
+func NewAddress() *Address {
+	return &Address{
+		AbsoluteAddress: -1,
+		Index:           -1,
+		ParentIndex:     -1,
+	}
+}
+
+// WithAbsoluteAddress - add a AbsoluteAddress to the Address
+func (a *Address) WithAbsoluteAddress(absoluteAddress int) *Address {
+	a.AbsoluteAddress = absoluteAddress
+	return a
+}
+
+// WithFullyQualifiedName - add a FullyQualifiedName to the Address
+func (f *Address) WithFullyQualifiedName(fullyQualifiedName string) *Address {
+	f.FullyQualifiedName = &fullyQualifiedName
+	return f
+}
+
+// WithIndex - add a Index to the Address
+func (i *Address) WithIndex(index int) *Address {
+	i.Index = index
+	return i
+}
+
+// WithKind - add a Kind to the Address
+func (k *Address) WithKind(kind string) *Address {
+	k.Kind = &kind
+	return k
+}
+
+// WithLength - add a Length to the Address
+func (l *Address) WithLength(length int) *Address {
+	l.Length = &length
+	return l
+}
+
+// WithName - add a Name to the Address
+func (n *Address) WithName(name string) *Address {
+	n.Name = &name
+	return n
+}
+
+// WithOffsetFromParent - add a OffsetFromParent to the Address
+func (o *Address) WithOffsetFromParent(offsetFromParent int) *Address {
+	o.OffsetFromParent = &offsetFromParent
+	return o
+}
+
+// WithParentIndex - add a ParentIndex to the Address
+func (p *Address) WithParentIndex(parentIndex int) *Address {
+	p.ParentIndex = parentIndex
+	return p
+}
+
+// WithProperties - add a Properties to the Address
+func (p *Address) WithProperties(properties *PropertyBag) *Address {
+	p.Properties = properties
+	return p
+}
+
+// WithRelativeAddress - add a RelativeAddress to the Address
+func (r *Address) WithRelativeAddress(relativeAddress int) *Address {
+	r.RelativeAddress = &relativeAddress
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/artifact.go

@@ -0,0 +1,142 @@
+package sarif
+
+// Artifact - A single artifact. In some cases, this artifact might be nested within another artifact.
+type Artifact struct {
+	// A dictionary, each of whose keys is the name of a hash function and each of whose values is the hashed value of the artifact produced by the specified hash function.
+	Hashes map[string]string `json:"hashes,omitempty"`
+
+	// The contents of the artifact.
+	Contents *ArtifactContent `json:"contents,omitempty"`
+
+	// A short description of the artifact.
+	Description *Message `json:"description,omitempty"`
+
+	// Specifies the encoding for an artifact object that refers to a text file.
+	Encoding *string `json:"encoding,omitempty"`
+
+	// The Coordinated Universal Time (UTC) date and time at which the artifact was most recently modified. See "Date/time properties" in the SARIF spec for the required format.
+	LastModifiedTimeUtc *string `json:"lastModifiedTimeUtc,omitempty"`
+
+	// The length of the artifact in bytes.
+	Length int `json:"length"`
+
+	// The location of the artifact.
+	Location *ArtifactLocation `json:"location,omitempty"`
+
+	// The MIME type (RFC 2045) of the artifact.
+	MimeType *string `json:"mimeType,omitempty"`
+
+	// The offset in bytes of the artifact within its containing artifact.
+	Offset *int `json:"offset,omitempty"`
+
+	// Identifies the index of the immediate parent of the artifact, if this artifact is nested.
+	ParentIndex int `json:"parentIndex"`
+
+	// Key/value pairs that provide additional information about the artifact.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The role or roles played by the artifact in the analysis.
+	Roles []string `json:"roles"`
+
+	// Specifies the source language for any artifact object that refers to a text file that contains source code.
+	SourceLanguage *string `json:"sourceLanguage,omitempty"`
+}
+
+// NewArtifact - creates a new
+func NewArtifact() *Artifact {
+	return &Artifact{
+		Length:      -1,
+		ParentIndex: -1,
+		Roles:       make([]string, 0),
+	}
+}
+
+// AddHash - add a single Hash to the Artifact
+func (h *Artifact) AddHash(key, hash string) *Artifact {
+	h.Hashes[key] = hash
+	return h
+}
+
+// WithHashes - add a Hashes to the Artifact
+func (h *Artifact) WithHashes(hashes map[string]string) *Artifact {
+	h.Hashes = hashes
+	return h
+}
+
+// WithContents - add a Contents to the Artifact
+func (c *Artifact) WithContents(contents *ArtifactContent) *Artifact {
+	c.Contents = contents
+	return c
+}
+
+// WithDescription - add a Description to the Artifact
+func (d *Artifact) WithDescription(description *Message) *Artifact {
+	d.Description = description
+	return d
+}
+
+// WithEncoding - add a Encoding to the Artifact
+func (e *Artifact) WithEncoding(encoding string) *Artifact {
+	e.Encoding = &encoding
+	return e
+}
+
+// WithLastModifiedTimeUtc - add a LastModifiedTimeUtc to the Artifact
+func (l *Artifact) WithLastModifiedTimeUtc(lastModifiedTimeUtc string) *Artifact {
+	l.LastModifiedTimeUtc = &lastModifiedTimeUtc
+	return l
+}
+
+// WithLength - add a Length to the Artifact
+func (l *Artifact) WithLength(length int) *Artifact {
+	l.Length = length
+	return l
+}
+
+// WithLocation - add a Location to the Artifact
+func (l *Artifact) WithLocation(location *ArtifactLocation) *Artifact {
+	l.Location = location
+	return l
+}
+
+// WithMimeType - add a MimeType to the Artifact
+func (m *Artifact) WithMimeType(mimeType string) *Artifact {
+	m.MimeType = &mimeType
+	return m
+}
+
+// WithOffset - add a Offset to the Artifact
+func (o *Artifact) WithOffset(offset int) *Artifact {
+	o.Offset = &offset
+	return o
+}
+
+// WithParentIndex - add a ParentIndex to the Artifact
+func (p *Artifact) WithParentIndex(parentIndex int) *Artifact {
+	p.ParentIndex = parentIndex
+	return p
+}
+
+// WithProperties - add a Properties to the Artifact
+func (p *Artifact) WithProperties(properties *PropertyBag) *Artifact {
+	p.Properties = properties
+	return p
+}
+
+// WithRoles - add a Roles to the Artifact
+func (r *Artifact) WithRoles(roles []string) *Artifact {
+	r.Roles = roles
+	return r
+}
+
+// AddRole - add a single Role to the Artifact
+func (r *Artifact) AddRole(role string) *Artifact {
+	r.Roles = append(r.Roles, role)
+	return r
+}
+
+// WithSourceLanguage - add a SourceLanguage to the Artifact
+func (s *Artifact) WithSourceLanguage(sourceLanguage string) *Artifact {
+	s.SourceLanguage = &sourceLanguage
+	return s
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/artifact_change.go

@@ -0,0 +1,44 @@
+package sarif
+
+// ArtifactChange - A change to a single artifact.
+type ArtifactChange struct {
+	// The location of the artifact to change.
+	ArtifactLocation *ArtifactLocation `json:"artifactLocation,omitempty"`
+
+	// Key/value pairs that provide additional information about the change.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of replacement objects, each of which represents the replacement of a single region in a single artifact specified by 'artifactLocation'.
+	Replacements []*Replacement `json:"replacements,omitempty"`
+}
+
+// NewArtifactChange - creates a new
+func NewArtifactChange() *ArtifactChange {
+	return &ArtifactChange{
+		Replacements: make([]*Replacement, 0),
+	}
+}
+
+// WithArtifactLocation - add a ArtifactLocation to the ArtifactChange
+func (a *ArtifactChange) WithArtifactLocation(artifactLocation *ArtifactLocation) *ArtifactChange {
+	a.ArtifactLocation = artifactLocation
+	return a
+}
+
+// WithProperties - add a Properties to the ArtifactChange
+func (p *ArtifactChange) WithProperties(properties *PropertyBag) *ArtifactChange {
+	p.Properties = properties
+	return p
+}
+
+// WithReplacements - add a Replacements to the ArtifactChange
+func (r *ArtifactChange) WithReplacements(replacements []*Replacement) *ArtifactChange {
+	r.Replacements = replacements
+	return r
+}
+
+// AddReplacement - add a single Replacement to the ArtifactChange
+func (r *ArtifactChange) AddReplacement(replacement *Replacement) *ArtifactChange {
+	r.Replacements = append(r.Replacements, replacement)
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/artifact_content.go

@@ -0,0 +1,45 @@
+package sarif
+
+// ArtifactContent - Represents the contents of an artifact.
+type ArtifactContent struct {
+	// MIME Base64-encoded content from a binary artifact, or from a text artifact in its original encoding.
+	Binary *string `json:"binary,omitempty"`
+
+	// Key/value pairs that provide additional information about the artifact content.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An alternate rendered representation of the artifact (e.g., a decompiled representation of a binary region).
+	Rendered *MultiformatMessageString `json:"rendered,omitempty"`
+
+	// UTF-8-encoded content from a text artifact.
+	Text *string `json:"text,omitempty"`
+}
+
+// NewArtifactContent - creates a new
+func NewArtifactContent() *ArtifactContent {
+	return &ArtifactContent{}
+}
+
+// WithBinary - add a Binary to the ArtifactContent
+func (b *ArtifactContent) WithBinary(binary string) *ArtifactContent {
+	b.Binary = &binary
+	return b
+}
+
+// WithProperties - add a Properties to the ArtifactContent
+func (p *ArtifactContent) WithProperties(properties *PropertyBag) *ArtifactContent {
+	p.Properties = properties
+	return p
+}
+
+// WithRendered - add a Rendered to the ArtifactContent
+func (r *ArtifactContent) WithRendered(rendered *MultiformatMessageString) *ArtifactContent {
+	r.Rendered = rendered
+	return r
+}
+
+// WithText - add a Text to the ArtifactContent
+func (t *ArtifactContent) WithText(text string) *ArtifactContent {
+	t.Text = &text
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/artifact_location.go

@@ -0,0 +1,56 @@
+package sarif
+
+// ArtifactLocation - Specifies the location of an artifact.
+type ArtifactLocation struct {
+	// A short description of the artifact location.
+	Description *Message `json:"description,omitempty"`
+
+	// The index within the run artifacts array of the artifact object associated with the artifact location.
+	Index int `json:"index"`
+
+	// Key/value pairs that provide additional information about the artifact location.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A string containing a valid relative or absolute URI.
+	URI *string `json:"uri,omitempty"`
+
+	// A string which indirectly specifies the absolute URI with respect to which a relative URI in the "uri" property is interpreted.
+	URIBaseID *string `json:"uriBaseId,omitempty"`
+}
+
+// NewArtifactLocation - creates a new
+func NewArtifactLocation() *ArtifactLocation {
+	return &ArtifactLocation{
+		Index: -1,
+	}
+}
+
+// WithDescription - add a Description to the ArtifactLocation
+func (d *ArtifactLocation) WithDescription(description *Message) *ArtifactLocation {
+	d.Description = description
+	return d
+}
+
+// WithIndex - add a Index to the ArtifactLocation
+func (i *ArtifactLocation) WithIndex(index int) *ArtifactLocation {
+	i.Index = index
+	return i
+}
+
+// WithProperties - add a Properties to the ArtifactLocation
+func (p *ArtifactLocation) WithProperties(properties *PropertyBag) *ArtifactLocation {
+	p.Properties = properties
+	return p
+}
+
+// WithURI - add a URI to the ArtifactLocation
+func (u *ArtifactLocation) WithURI(uri string) *ArtifactLocation {
+	u.URI = &uri
+	return u
+}
+
+// WithURIBaseID - add a URIBaseID to the ArtifactLocation
+func (u *ArtifactLocation) WithURIBaseID(uriBaseId string) *ArtifactLocation {
+	u.URIBaseID = &uriBaseId
+	return u
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/artifact_location_companion.go

@@ -0,0 +1,6 @@
+package sarif
+
+// NewSimpleArtifactLocation creates a new SimpleArtifactLocation and returns a pointer to it
+func NewSimpleArtifactLocation(uri string) *ArtifactLocation {
+	return NewArtifactLocation().WithURI(uri)
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/attachment.go

@@ -0,0 +1,69 @@
+package sarif
+
+// Attachment - An artifact relevant to a result.
+type Attachment struct {
+	// The location of the attachment.
+	ArtifactLocation *ArtifactLocation `json:"artifactLocation,omitempty"`
+
+	// A message describing the role played by the attachment.
+	Description *Message `json:"description,omitempty"`
+
+	// Key/value pairs that provide additional information about the attachment.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of rectangles specifying areas of interest within the image.
+	Rectangles []*Rectangle `json:"rectangles"`
+
+	// An array of regions of interest within the attachment.
+	Regions []*Region `json:"regions"`
+}
+
+// NewAttachment - creates a new
+func NewAttachment() *Attachment {
+	return &Attachment{
+		Rectangles: make([]*Rectangle, 0),
+		Regions:    make([]*Region, 0),
+	}
+}
+
+// WithArtifactLocation - add a ArtifactLocation to the Attachment
+func (a *Attachment) WithArtifactLocation(artifactLocation *ArtifactLocation) *Attachment {
+	a.ArtifactLocation = artifactLocation
+	return a
+}
+
+// WithDescription - add a Description to the Attachment
+func (d *Attachment) WithDescription(description *Message) *Attachment {
+	d.Description = description
+	return d
+}
+
+// WithProperties - add a Properties to the Attachment
+func (p *Attachment) WithProperties(properties *PropertyBag) *Attachment {
+	p.Properties = properties
+	return p
+}
+
+// WithRectangles - add a Rectangles to the Attachment
+func (r *Attachment) WithRectangles(rectangles []*Rectangle) *Attachment {
+	r.Rectangles = rectangles
+	return r
+}
+
+// AddRectangle - add a single Rectangle to the Attachment
+func (r *Attachment) AddRectangle(rectangle *Rectangle) *Attachment {
+	r.Rectangles = append(r.Rectangles, rectangle)
+	return r
+}
+
+// WithRegions - add a Regions to the Attachment
+func (r *Attachment) WithRegions(regions []*Region) *Attachment {
+	r.Regions = regions
+	return r
+}
+
+// AddRegion - add a single Region to the Attachment
+func (r *Attachment) AddRegion(region *Region) *Attachment {
+	r.Regions = append(r.Regions, region)
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/code_flow.go

@@ -0,0 +1,44 @@
+package sarif
+
+// CodeFlow - A set of threadFlows which together describe a pattern of code execution relevant to detecting a result.
+type CodeFlow struct {
+	// A message relevant to the code flow.
+	Message *Message `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the code flow.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of one or more unique threadFlow objects, each of which describes the progress of a program through a thread of execution.
+	ThreadFlows []*ThreadFlow `json:"threadFlows,omitempty"`
+}
+
+// NewCodeFlow - creates a new
+func NewCodeFlow() *CodeFlow {
+	return &CodeFlow{
+		ThreadFlows: make([]*ThreadFlow, 0),
+	}
+}
+
+// WithMessage - add a Message to the CodeFlow
+func (m *CodeFlow) WithMessage(message *Message) *CodeFlow {
+	m.Message = message
+	return m
+}
+
+// WithProperties - add a Properties to the CodeFlow
+func (p *CodeFlow) WithProperties(properties *PropertyBag) *CodeFlow {
+	p.Properties = properties
+	return p
+}
+
+// WithThreadFlows - add a ThreadFlows to the CodeFlow
+func (t *CodeFlow) WithThreadFlows(threadFlows []*ThreadFlow) *CodeFlow {
+	t.ThreadFlows = threadFlows
+	return t
+}
+
+// AddThreadFlow - add a single ThreadFlow to the CodeFlow
+func (t *CodeFlow) AddThreadFlow(threadFlow *ThreadFlow) *CodeFlow {
+	t.ThreadFlows = append(t.ThreadFlows, threadFlow)
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/configuration_override.go

@@ -0,0 +1,36 @@
+package sarif
+
+// ConfigurationOverride - Information about how a specific rule or notification was reconfigured at runtime.
+type ConfigurationOverride struct {
+	// Specifies how the rule or notification was configured during the scan.
+	Configuration *ReportingConfiguration `json:"configuration,omitempty"`
+
+	// A reference used to locate the descriptor whose configuration was overridden.
+	Descriptor *ReportingDescriptorReference `json:"descriptor,omitempty"`
+
+	// Key/value pairs that provide additional information about the configuration override.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewConfigurationOverride - creates a new
+func NewConfigurationOverride() *ConfigurationOverride {
+	return &ConfigurationOverride{}
+}
+
+// WithConfiguration - add a Configuration to the ConfigurationOverride
+func (c *ConfigurationOverride) WithConfiguration(configuration *ReportingConfiguration) *ConfigurationOverride {
+	c.Configuration = configuration
+	return c
+}
+
+// WithDescriptor - add a Descriptor to the ConfigurationOverride
+func (d *ConfigurationOverride) WithDescriptor(descriptor *ReportingDescriptorReference) *ConfigurationOverride {
+	d.Descriptor = descriptor
+	return d
+}
+
+// WithProperties - add a Properties to the ConfigurationOverride
+func (p *ConfigurationOverride) WithProperties(properties *PropertyBag) *ConfigurationOverride {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/conversion.go

@@ -0,0 +1,53 @@
+package sarif
+
+// Conversion - Describes how a converter transformed the output of a static analysis tool from the analysis tool's native output format into the SARIF format.
+type Conversion struct {
+	// The locations of the analysis tool's per-run log files.
+	AnalysisToolLogFiles []*ArtifactLocation `json:"analysisToolLogFiles"`
+
+	// An invocation object that describes the invocation of the converter.
+	Invocation *Invocation `json:"invocation,omitempty"`
+
+	// Key/value pairs that provide additional information about the conversion.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A tool object that describes the converter.
+	Tool *Tool `json:"tool,omitempty"`
+}
+
+// NewConversion - creates a new
+func NewConversion() *Conversion {
+	return &Conversion{
+		AnalysisToolLogFiles: make([]*ArtifactLocation, 0),
+	}
+}
+
+// WithAnalysisToolLogFiles - add a AnalysisToolLogFiles to the Conversion
+func (a *Conversion) WithAnalysisToolLogFiles(analysisToolLogFiles []*ArtifactLocation) *Conversion {
+	a.AnalysisToolLogFiles = analysisToolLogFiles
+	return a
+}
+
+// AddAnalysisToolLogFile - add a single AnalysisToolLogFile to the Conversion
+func (a *Conversion) AddAnalysisToolLogFile(analysisToolLogFile *ArtifactLocation) *Conversion {
+	a.AnalysisToolLogFiles = append(a.AnalysisToolLogFiles, analysisToolLogFile)
+	return a
+}
+
+// WithInvocation - add a Invocation to the Conversion
+func (i *Conversion) WithInvocation(invocation *Invocation) *Conversion {
+	i.Invocation = invocation
+	return i
+}
+
+// WithProperties - add a Properties to the Conversion
+func (p *Conversion) WithProperties(properties *PropertyBag) *Conversion {
+	p.Properties = properties
+	return p
+}
+
+// WithTool - add a Tool to the Conversion
+func (t *Conversion) WithTool(tool *Tool) *Conversion {
+	t.Tool = tool
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/edge.go

@@ -0,0 +1,54 @@
+package sarif
+
+// Edge - Represents a directed edge in a graph.
+type Edge struct {
+	// A string that uniquely identifies the edge within its graph.
+	ID *string `json:"id,omitempty"`
+
+	// A short description of the edge.
+	Label *Message `json:"label,omitempty"`
+
+	// Key/value pairs that provide additional information about the edge.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// Identifies the source node (the node at which the edge starts).
+	SourceNodeID *string `json:"sourceNodeId,omitempty"`
+
+	// Identifies the target node (the node at which the edge ends).
+	TargetNodeID *string `json:"targetNodeId,omitempty"`
+}
+
+// NewEdge - creates a new
+func NewEdge() *Edge {
+	return &Edge{}
+}
+
+// WithID - add a ID to the Edge
+func (i *Edge) WithID(id string) *Edge {
+	i.ID = &id
+	return i
+}
+
+// WithLabel - add a Label to the Edge
+func (l *Edge) WithLabel(label *Message) *Edge {
+	l.Label = label
+	return l
+}
+
+// WithProperties - add a Properties to the Edge
+func (p *Edge) WithProperties(properties *PropertyBag) *Edge {
+	p.Properties = properties
+	return p
+}
+
+// WithSourceNodeID - add a SourceNodeID to the Edge
+func (s *Edge) WithSourceNodeID(sourceNodeId string) *Edge {
+	s.SourceNodeID = &sourceNodeId
+	return s
+}
+
+// WithTargetNodeID - add a TargetNodeID to the Edge
+func (t *Edge) WithTargetNodeID(targetNodeId string) *Edge {
+	t.TargetNodeID = &targetNodeId
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/edge_traversal.go

@@ -0,0 +1,60 @@
+package sarif
+
+// EdgeTraversal - Represents the traversal of a single edge during a graph traversal.
+type EdgeTraversal struct {
+	// The values of relevant expressions after the edge has been traversed.
+	FinalState map[string]MultiformatMessageString `json:"finalState,omitempty"`
+
+	// Identifies the edge being traversed.
+	EdgeID *string `json:"edgeId,omitempty"`
+
+	// A message to display to the user as the edge is traversed.
+	Message *Message `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the edge traversal.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The number of edge traversals necessary to return from a nested graph.
+	StepOverEdgeCount *int `json:"stepOverEdgeCount,omitempty"`
+}
+
+// NewEdgeTraversal - creates a new
+func NewEdgeTraversal() *EdgeTraversal {
+	return &EdgeTraversal{}
+}
+
+// AddFinalState - add a single FinalState to the EdgeTraversal
+func (f *EdgeTraversal) AddFinalState(key string, finalState MultiformatMessageString) *EdgeTraversal {
+	f.FinalState[key] = finalState
+	return f
+}
+
+// WithFinalState - add a FinalState to the EdgeTraversal
+func (f *EdgeTraversal) WithFinalState(finalState map[string]MultiformatMessageString) *EdgeTraversal {
+	f.FinalState = finalState
+	return f
+}
+
+// WithEdgeID - add a EdgeID to the EdgeTraversal
+func (e *EdgeTraversal) WithEdgeID(edgeId string) *EdgeTraversal {
+	e.EdgeID = &edgeId
+	return e
+}
+
+// WithMessage - add a Message to the EdgeTraversal
+func (m *EdgeTraversal) WithMessage(message *Message) *EdgeTraversal {
+	m.Message = message
+	return m
+}
+
+// WithProperties - add a Properties to the EdgeTraversal
+func (p *EdgeTraversal) WithProperties(properties *PropertyBag) *EdgeTraversal {
+	p.Properties = properties
+	return p
+}
+
+// WithStepOverEdgeCount - add a StepOverEdgeCount to the EdgeTraversal
+func (s *EdgeTraversal) WithStepOverEdgeCount(stepOverEdgeCount int) *EdgeTraversal {
+	s.StepOverEdgeCount = &stepOverEdgeCount
+	return s
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/exception.go

@@ -0,0 +1,62 @@
+package sarif
+
+// Exception - Describes a runtime exception encountered during the execution of an analysis tool.
+type Exception struct {
+	// An array of exception objects each of which is considered a cause of this exception.
+	InnerExceptions []*Exception `json:"innerExceptions"`
+
+	// A string that identifies the kind of exception, for example, the fully qualified type name of an object that was thrown, or the symbolic name of a signal.
+	Kind *string `json:"kind,omitempty"`
+
+	// A message that describes the exception.
+	Message *string `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the exception.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The sequence of function calls leading to the exception.
+	Stack *Stack `json:"stack,omitempty"`
+}
+
+// NewException - creates a new
+func NewException() *Exception {
+	return &Exception{
+		InnerExceptions: make([]*Exception, 0),
+	}
+}
+
+// WithInnerExceptions - add a InnerExceptions to the Exception
+func (i *Exception) WithInnerExceptions(innerExceptions []*Exception) *Exception {
+	i.InnerExceptions = innerExceptions
+	return i
+}
+
+// AddInnerException - add a single InnerException to the Exception
+func (i *Exception) AddInnerException(innerException *Exception) *Exception {
+	i.InnerExceptions = append(i.InnerExceptions, innerException)
+	return i
+}
+
+// WithKind - add a Kind to the Exception
+func (k *Exception) WithKind(kind string) *Exception {
+	k.Kind = &kind
+	return k
+}
+
+// WithMessage - add a Message to the Exception
+func (m *Exception) WithMessage(message string) *Exception {
+	m.Message = &message
+	return m
+}
+
+// WithProperties - add a Properties to the Exception
+func (p *Exception) WithProperties(properties *PropertyBag) *Exception {
+	p.Properties = properties
+	return p
+}
+
+// WithStack - add a Stack to the Exception
+func (s *Exception) WithStack(stack *Stack) *Exception {
+	s.Stack = stack
+	return s
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/external_properties.go

@@ -0,0 +1,290 @@
+package sarif
+
+// ExternalProperties - The top-level element of an external property file.
+type ExternalProperties struct {
+	// Addresses that will be merged with a separate run.
+	Addresses []*Address `json:"addresses"`
+
+	// An array of artifact objects that will be merged with a separate run.
+	Artifacts []*Artifact `json:"artifacts,omitempty"`
+
+	// A conversion object that will be merged with a separate run.
+	Conversion *Conversion `json:"conversion,omitempty"`
+
+	// The analysis tool object that will be merged with a separate run.
+	Driver *ToolComponent `json:"driver,omitempty"`
+
+	// Tool extensions that will be merged with a separate run.
+	Extensions []*ToolComponent `json:"extensions"`
+
+	// Key/value pairs that provide additional information that will be merged with a separate run.
+	ExternalizedProperties *PropertyBag `json:"externalizedProperties,omitempty"`
+
+	// An array of graph objects that will be merged with a separate run.
+	Graphs []*Graph `json:"graphs"`
+
+	// A stable, unique identifier for this external properties object, in the form of a GUID.
+	Guid *Guid `json:"guid,omitempty"`
+
+	// Describes the invocation of the analysis tool that will be merged with a separate run.
+	Invocations []*Invocation `json:"invocations"`
+
+	// An array of logical locations such as namespaces, types or functions that will be merged with a separate run.
+	LogicalLocations []*LogicalLocation `json:"logicalLocations"`
+
+	// Tool policies that will be merged with a separate run.
+	Policies []*ToolComponent `json:"policies"`
+
+	// Key/value pairs that provide additional information about the external properties.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of result objects that will be merged with a separate run.
+	Results []*Result `json:"results"`
+
+	// A stable, unique identifier for the run associated with this external properties object, in the form of a GUID.
+	RunGuID *string `json:"runGuid,omitempty"`
+
+	// The URI of the JSON schema corresponding to the version of the external property file format.
+	Schema *string `json:"schema,omitempty"`
+
+	// Tool taxonomies that will be merged with a separate run.
+	Taxonomies []*ToolComponent `json:"taxonomies"`
+
+	// An array of threadFlowLocation objects that will be merged with a separate run.
+	ThreadFlowLocations []*ThreadFlowLocation `json:"threadFlowLocations"`
+
+	// Tool translations that will be merged with a separate run.
+	Translations []*ToolComponent `json:"translations"`
+
+	// The SARIF format version of this external properties object.
+	Version *string `json:"version,omitempty"`
+
+	// Requests that will be merged with a separate run.
+	WebRequests []*WebRequest `json:"webRequests"`
+
+	// Responses that will be merged with a separate run.
+	WebResponses []*WebResponse `json:"webResponses"`
+}
+
+// NewExternalProperties - creates a new
+func NewExternalProperties() *ExternalProperties {
+	return &ExternalProperties{
+		Addresses:           make([]*Address, 0),
+		Artifacts:           make([]*Artifact, 0),
+		Extensions:          make([]*ToolComponent, 0),
+		Graphs:              make([]*Graph, 0),
+		Invocations:         make([]*Invocation, 0),
+		LogicalLocations:    make([]*LogicalLocation, 0),
+		Policies:            make([]*ToolComponent, 0),
+		Results:             make([]*Result, 0),
+		Taxonomies:          make([]*ToolComponent, 0),
+		ThreadFlowLocations: make([]*ThreadFlowLocation, 0),
+		Translations:        make([]*ToolComponent, 0),
+		WebRequests:         make([]*WebRequest, 0),
+		WebResponses:        make([]*WebResponse, 0),
+	}
+}
+
+// WithAddresses - add a Addresses to the ExternalProperties
+func (a *ExternalProperties) WithAddresses(addresses []*Address) *ExternalProperties {
+	a.Addresses = addresses
+	return a
+}
+
+// AddAddresse - add a single Addresse to the ExternalProperties
+func (a *ExternalProperties) AddAddresse(addresse *Address) *ExternalProperties {
+	a.Addresses = append(a.Addresses, addresse)
+	return a
+}
+
+// WithArtifacts - add a Artifacts to the ExternalProperties
+func (a *ExternalProperties) WithArtifacts(artifacts []*Artifact) *ExternalProperties {
+	a.Artifacts = artifacts
+	return a
+}
+
+// AddArtifact - add a single Artifact to the ExternalProperties
+func (a *ExternalProperties) AddArtifact(artifact *Artifact) *ExternalProperties {
+	a.Artifacts = append(a.Artifacts, artifact)
+	return a
+}
+
+// WithConversion - add a Conversion to the ExternalProperties
+func (c *ExternalProperties) WithConversion(conversion *Conversion) *ExternalProperties {
+	c.Conversion = conversion
+	return c
+}
+
+// WithDriver - add a Driver to the ExternalProperties
+func (d *ExternalProperties) WithDriver(driver *ToolComponent) *ExternalProperties {
+	d.Driver = driver
+	return d
+}
+
+// WithExtensions - add a Extensions to the ExternalProperties
+func (e *ExternalProperties) WithExtensions(extensions []*ToolComponent) *ExternalProperties {
+	e.Extensions = extensions
+	return e
+}
+
+// AddExtension - add a single Extension to the ExternalProperties
+func (e *ExternalProperties) AddExtension(extension *ToolComponent) *ExternalProperties {
+	e.Extensions = append(e.Extensions, extension)
+	return e
+}
+
+// WithExternalizedProperties - add a ExternalizedProperties to the ExternalProperties
+func (e *ExternalProperties) WithExternalizedProperties(externalizedProperties *PropertyBag) *ExternalProperties {
+	e.ExternalizedProperties = externalizedProperties
+	return e
+}
+
+// WithGraphs - add a Graphs to the ExternalProperties
+func (g *ExternalProperties) WithGraphs(graphs []*Graph) *ExternalProperties {
+	g.Graphs = graphs
+	return g
+}
+
+// AddGraph - add a single Graph to the ExternalProperties
+func (g *ExternalProperties) AddGraph(graph *Graph) *ExternalProperties {
+	g.Graphs = append(g.Graphs, graph)
+	return g
+}
+
+// WithGuid - add a Guid to the ExternalProperties
+func (g *ExternalProperties) WithGuid(guid *Guid) *ExternalProperties {
+	g.Guid = guid
+	return g
+}
+
+// WithInvocations - add a Invocations to the ExternalProperties
+func (i *ExternalProperties) WithInvocations(invocations []*Invocation) *ExternalProperties {
+	i.Invocations = invocations
+	return i
+}
+
+// AddInvocation - add a single Invocation to the ExternalProperties
+func (i *ExternalProperties) AddInvocation(invocation *Invocation) *ExternalProperties {
+	i.Invocations = append(i.Invocations, invocation)
+	return i
+}
+
+// WithLogicalLocations - add a LogicalLocations to the ExternalProperties
+func (l *ExternalProperties) WithLogicalLocations(logicalLocations []*LogicalLocation) *ExternalProperties {
+	l.LogicalLocations = logicalLocations
+	return l
+}
+
+// AddLogicalLocation - add a single LogicalLocation to the ExternalProperties
+func (l *ExternalProperties) AddLogicalLocation(logicalLocation *LogicalLocation) *ExternalProperties {
+	l.LogicalLocations = append(l.LogicalLocations, logicalLocation)
+	return l
+}
+
+// WithPolicies - add a Policies to the ExternalProperties
+func (p *ExternalProperties) WithPolicies(policies []*ToolComponent) *ExternalProperties {
+	p.Policies = policies
+	return p
+}
+
+// AddPolicie - add a single Policie to the ExternalProperties
+func (p *ExternalProperties) AddPolicie(policie *ToolComponent) *ExternalProperties {
+	p.Policies = append(p.Policies, policie)
+	return p
+}
+
+// WithProperties - add a Properties to the ExternalProperties
+func (p *ExternalProperties) WithProperties(properties *PropertyBag) *ExternalProperties {
+	p.Properties = properties
+	return p
+}
+
+// WithResults - add a Results to the ExternalProperties
+func (r *ExternalProperties) WithResults(results []*Result) *ExternalProperties {
+	r.Results = results
+	return r
+}
+
+// AddResult - add a single Result to the ExternalProperties
+func (r *ExternalProperties) AddResult(result *Result) *ExternalProperties {
+	r.Results = append(r.Results, result)
+	return r
+}
+
+// WithRunGuID - add a RunGuID to the ExternalProperties
+func (r *ExternalProperties) WithRunGuID(runGuid string) *ExternalProperties {
+	r.RunGuID = &runGuid
+	return r
+}
+
+// WithSchema - add a Schema to the ExternalProperties
+func (s *ExternalProperties) WithSchema(schema string) *ExternalProperties {
+	s.Schema = &schema
+	return s
+}
+
+// WithTaxonomies - add a Taxonomies to the ExternalProperties
+func (t *ExternalProperties) WithTaxonomies(taxonomies []*ToolComponent) *ExternalProperties {
+	t.Taxonomies = taxonomies
+	return t
+}
+
+// AddTaxonomie - add a single Taxonomie to the ExternalProperties
+func (t *ExternalProperties) AddTaxonomie(taxonomie *ToolComponent) *ExternalProperties {
+	t.Taxonomies = append(t.Taxonomies, taxonomie)
+	return t
+}
+
+// WithThreadFlowLocations - add a ThreadFlowLocations to the ExternalProperties
+func (t *ExternalProperties) WithThreadFlowLocations(threadFlowLocations []*ThreadFlowLocation) *ExternalProperties {
+	t.ThreadFlowLocations = threadFlowLocations
+	return t
+}
+
+// AddThreadFlowLocation - add a single ThreadFlowLocation to the ExternalProperties
+func (t *ExternalProperties) AddThreadFlowLocation(threadFlowLocation *ThreadFlowLocation) *ExternalProperties {
+	t.ThreadFlowLocations = append(t.ThreadFlowLocations, threadFlowLocation)
+	return t
+}
+
+// WithTranslations - add a Translations to the ExternalProperties
+func (t *ExternalProperties) WithTranslations(translations []*ToolComponent) *ExternalProperties {
+	t.Translations = translations
+	return t
+}
+
+// AddTranslation - add a single Translation to the ExternalProperties
+func (t *ExternalProperties) AddTranslation(translation *ToolComponent) *ExternalProperties {
+	t.Translations = append(t.Translations, translation)
+	return t
+}
+
+// WithVersion - add a Version to the ExternalProperties
+func (v *ExternalProperties) WithVersion(version string) *ExternalProperties {
+	v.Version = &version
+	return v
+}
+
+// WithWebRequests - add a WebRequests to the ExternalProperties
+func (w *ExternalProperties) WithWebRequests(webRequests []*WebRequest) *ExternalProperties {
+	w.WebRequests = webRequests
+	return w
+}
+
+// AddWebRequest - add a single WebRequest to the ExternalProperties
+func (w *ExternalProperties) AddWebRequest(webRequest *WebRequest) *ExternalProperties {
+	w.WebRequests = append(w.WebRequests, webRequest)
+	return w
+}
+
+// WithWebResponses - add a WebResponses to the ExternalProperties
+func (w *ExternalProperties) WithWebResponses(webResponses []*WebResponse) *ExternalProperties {
+	w.WebResponses = webResponses
+	return w
+}
+
+// AddWebResponse - add a single WebResponse to the ExternalProperties
+func (w *ExternalProperties) AddWebResponse(webResponse *WebResponse) *ExternalProperties {
+	w.WebResponses = append(w.WebResponses, webResponse)
+	return w
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/external_property_file_reference.go

@@ -0,0 +1,47 @@
+package sarif
+
+// ExternalPropertyFileReference - Contains information that enables a SARIF consumer to locate the external property file that contains the value of an externalized property associated with the run.
+type ExternalPropertyFileReference struct {
+	// A stable, unique identifier for the external property file in the form of a GUID.
+	Guid *Guid `json:"guid,omitempty"`
+
+	// A non-negative integer specifying the number of items contained in the external property file.
+	ItemCount int `json:"itemCount"`
+
+	// The location of the external property file.
+	Location *ArtifactLocation `json:"location,omitempty"`
+
+	// Key/value pairs that provide additional information about the external property file.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewExternalPropertyFileReference - creates a new
+func NewExternalPropertyFileReference() *ExternalPropertyFileReference {
+	return &ExternalPropertyFileReference{
+		ItemCount: -1,
+	}
+}
+
+// WithGuid - add a Guid to the ExternalPropertyFileReference
+func (g *ExternalPropertyFileReference) WithGuid(guid *Guid) *ExternalPropertyFileReference {
+	g.Guid = guid
+	return g
+}
+
+// WithItemCount - add a ItemCount to the ExternalPropertyFileReference
+func (i *ExternalPropertyFileReference) WithItemCount(itemCount int) *ExternalPropertyFileReference {
+	i.ItemCount = itemCount
+	return i
+}
+
+// WithLocation - add a Location to the ExternalPropertyFileReference
+func (l *ExternalPropertyFileReference) WithLocation(location *ArtifactLocation) *ExternalPropertyFileReference {
+	l.Location = location
+	return l
+}
+
+// WithProperties - add a Properties to the ExternalPropertyFileReference
+func (p *ExternalPropertyFileReference) WithProperties(properties *PropertyBag) *ExternalPropertyFileReference {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/external_property_file_references.go

@@ -0,0 +1,254 @@
+package sarif
+
+// ExternalPropertyFileReferences - References to external property files that should be inlined with the content of a root log file.
+type ExternalPropertyFileReferences struct {
+	// An array of external property files containing run.addresses arrays to be merged with the root log file.
+	Addresses []*ExternalPropertyFileReference `json:"addresses"`
+
+	// An array of external property files containing run.artifacts arrays to be merged with the root log file.
+	Artifacts []*ExternalPropertyFileReference `json:"artifacts"`
+
+	// An external property file containing a run.conversion object to be merged with the root log file.
+	Conversion *ExternalPropertyFileReference `json:"conversion,omitempty"`
+
+	// An external property file containing a run.driver object to be merged with the root log file.
+	Driver *ExternalPropertyFileReference `json:"driver,omitempty"`
+
+	// An array of external property files containing run.extensions arrays to be merged with the root log file.
+	Extensions []*ExternalPropertyFileReference `json:"extensions"`
+
+	// An external property file containing a run.properties object to be merged with the root log file.
+	ExternalizedProperties *ExternalPropertyFileReference `json:"externalizedProperties,omitempty"`
+
+	// An array of external property files containing a run.graphs object to be merged with the root log file.
+	Graphs []*ExternalPropertyFileReference `json:"graphs"`
+
+	// An array of external property files containing run.invocations arrays to be merged with the root log file.
+	Invocations []*ExternalPropertyFileReference `json:"invocations"`
+
+	// An array of external property files containing run.logicalLocations arrays to be merged with the root log file.
+	LogicalLocations []*ExternalPropertyFileReference `json:"logicalLocations"`
+
+	// An array of external property files containing run.policies arrays to be merged with the root log file.
+	Policies []*ExternalPropertyFileReference `json:"policies"`
+
+	// Key/value pairs that provide additional information about the external property files.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of external property files containing run.results arrays to be merged with the root log file.
+	Results []*ExternalPropertyFileReference `json:"results"`
+
+	// An array of external property files containing run.taxonomies arrays to be merged with the root log file.
+	Taxonomies []*ExternalPropertyFileReference `json:"taxonomies"`
+
+	// An array of external property files containing run.threadFlowLocations arrays to be merged with the root log file.
+	ThreadFlowLocations []*ExternalPropertyFileReference `json:"threadFlowLocations"`
+
+	// An array of external property files containing run.translations arrays to be merged with the root log file.
+	Translations []*ExternalPropertyFileReference `json:"translations"`
+
+	// An array of external property files containing run.requests arrays to be merged with the root log file.
+	WebRequests []*ExternalPropertyFileReference `json:"webRequests"`
+
+	// An array of external property files containing run.responses arrays to be merged with the root log file.
+	WebResponses []*ExternalPropertyFileReference `json:"webResponses"`
+}
+
+// NewExternalPropertyFileReferences - creates a new
+func NewExternalPropertyFileReferences() *ExternalPropertyFileReferences {
+	return &ExternalPropertyFileReferences{
+		Addresses:           make([]*ExternalPropertyFileReference, 0),
+		Artifacts:           make([]*ExternalPropertyFileReference, 0),
+		Extensions:          make([]*ExternalPropertyFileReference, 0),
+		Graphs:              make([]*ExternalPropertyFileReference, 0),
+		Invocations:         make([]*ExternalPropertyFileReference, 0),
+		LogicalLocations:    make([]*ExternalPropertyFileReference, 0),
+		Policies:            make([]*ExternalPropertyFileReference, 0),
+		Results:             make([]*ExternalPropertyFileReference, 0),
+		Taxonomies:          make([]*ExternalPropertyFileReference, 0),
+		ThreadFlowLocations: make([]*ExternalPropertyFileReference, 0),
+		Translations:        make([]*ExternalPropertyFileReference, 0),
+		WebRequests:         make([]*ExternalPropertyFileReference, 0),
+		WebResponses:        make([]*ExternalPropertyFileReference, 0),
+	}
+}
+
+// WithAddresses - add a Addresses to the ExternalPropertyFileReferences
+func (a *ExternalPropertyFileReferences) WithAddresses(addresses []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	a.Addresses = addresses
+	return a
+}
+
+// AddAddresse - add a single Addresse to the ExternalPropertyFileReferences
+func (a *ExternalPropertyFileReferences) AddAddresse(addresse *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	a.Addresses = append(a.Addresses, addresse)
+	return a
+}
+
+// WithArtifacts - add a Artifacts to the ExternalPropertyFileReferences
+func (a *ExternalPropertyFileReferences) WithArtifacts(artifacts []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	a.Artifacts = artifacts
+	return a
+}
+
+// AddArtifact - add a single Artifact to the ExternalPropertyFileReferences
+func (a *ExternalPropertyFileReferences) AddArtifact(artifact *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	a.Artifacts = append(a.Artifacts, artifact)
+	return a
+}
+
+// WithConversion - add a Conversion to the ExternalPropertyFileReferences
+func (c *ExternalPropertyFileReferences) WithConversion(conversion *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	c.Conversion = conversion
+	return c
+}
+
+// WithDriver - add a Driver to the ExternalPropertyFileReferences
+func (d *ExternalPropertyFileReferences) WithDriver(driver *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	d.Driver = driver
+	return d
+}
+
+// WithExtensions - add a Extensions to the ExternalPropertyFileReferences
+func (e *ExternalPropertyFileReferences) WithExtensions(extensions []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	e.Extensions = extensions
+	return e
+}
+
+// AddExtension - add a single Extension to the ExternalPropertyFileReferences
+func (e *ExternalPropertyFileReferences) AddExtension(extension *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	e.Extensions = append(e.Extensions, extension)
+	return e
+}
+
+// WithExternalizedProperties - add a ExternalizedProperties to the ExternalPropertyFileReferences
+func (e *ExternalPropertyFileReferences) WithExternalizedProperties(externalizedProperties *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	e.ExternalizedProperties = externalizedProperties
+	return e
+}
+
+// WithGraphs - add a Graphs to the ExternalPropertyFileReferences
+func (g *ExternalPropertyFileReferences) WithGraphs(graphs []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	g.Graphs = graphs
+	return g
+}
+
+// AddGraph - add a single Graph to the ExternalPropertyFileReferences
+func (g *ExternalPropertyFileReferences) AddGraph(graph *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	g.Graphs = append(g.Graphs, graph)
+	return g
+}
+
+// WithInvocations - add a Invocations to the ExternalPropertyFileReferences
+func (i *ExternalPropertyFileReferences) WithInvocations(invocations []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	i.Invocations = invocations
+	return i
+}
+
+// AddInvocation - add a single Invocation to the ExternalPropertyFileReferences
+func (i *ExternalPropertyFileReferences) AddInvocation(invocation *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	i.Invocations = append(i.Invocations, invocation)
+	return i
+}
+
+// WithLogicalLocations - add a LogicalLocations to the ExternalPropertyFileReferences
+func (l *ExternalPropertyFileReferences) WithLogicalLocations(logicalLocations []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	l.LogicalLocations = logicalLocations
+	return l
+}
+
+// AddLogicalLocation - add a single LogicalLocation to the ExternalPropertyFileReferences
+func (l *ExternalPropertyFileReferences) AddLogicalLocation(logicalLocation *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	l.LogicalLocations = append(l.LogicalLocations, logicalLocation)
+	return l
+}
+
+// WithPolicies - add a Policies to the ExternalPropertyFileReferences
+func (p *ExternalPropertyFileReferences) WithPolicies(policies []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	p.Policies = policies
+	return p
+}
+
+// AddPolicie - add a single Policie to the ExternalPropertyFileReferences
+func (p *ExternalPropertyFileReferences) AddPolicie(policie *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	p.Policies = append(p.Policies, policie)
+	return p
+}
+
+// WithProperties - add a Properties to the ExternalPropertyFileReferences
+func (p *ExternalPropertyFileReferences) WithProperties(properties *PropertyBag) *ExternalPropertyFileReferences {
+	p.Properties = properties
+	return p
+}
+
+// WithResults - add a Results to the ExternalPropertyFileReferences
+func (r *ExternalPropertyFileReferences) WithResults(results []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	r.Results = results
+	return r
+}
+
+// AddResult - add a single Result to the ExternalPropertyFileReferences
+func (r *ExternalPropertyFileReferences) AddResult(result *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	r.Results = append(r.Results, result)
+	return r
+}
+
+// WithTaxonomies - add a Taxonomies to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) WithTaxonomies(taxonomies []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.Taxonomies = taxonomies
+	return t
+}
+
+// AddTaxonomie - add a single Taxonomie to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) AddTaxonomie(taxonomie *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.Taxonomies = append(t.Taxonomies, taxonomie)
+	return t
+}
+
+// WithThreadFlowLocations - add a ThreadFlowLocations to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) WithThreadFlowLocations(threadFlowLocations []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.ThreadFlowLocations = threadFlowLocations
+	return t
+}
+
+// AddThreadFlowLocation - add a single ThreadFlowLocation to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) AddThreadFlowLocation(threadFlowLocation *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.ThreadFlowLocations = append(t.ThreadFlowLocations, threadFlowLocation)
+	return t
+}
+
+// WithTranslations - add a Translations to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) WithTranslations(translations []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.Translations = translations
+	return t
+}
+
+// AddTranslation - add a single Translation to the ExternalPropertyFileReferences
+func (t *ExternalPropertyFileReferences) AddTranslation(translation *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	t.Translations = append(t.Translations, translation)
+	return t
+}
+
+// WithWebRequests - add a WebRequests to the ExternalPropertyFileReferences
+func (w *ExternalPropertyFileReferences) WithWebRequests(webRequests []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	w.WebRequests = webRequests
+	return w
+}
+
+// AddWebRequest - add a single WebRequest to the ExternalPropertyFileReferences
+func (w *ExternalPropertyFileReferences) AddWebRequest(webRequest *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	w.WebRequests = append(w.WebRequests, webRequest)
+	return w
+}
+
+// WithWebResponses - add a WebResponses to the ExternalPropertyFileReferences
+func (w *ExternalPropertyFileReferences) WithWebResponses(webResponses []*ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	w.WebResponses = webResponses
+	return w
+}
+
+// AddWebResponse - add a single WebResponse to the ExternalPropertyFileReferences
+func (w *ExternalPropertyFileReferences) AddWebResponse(webResponse *ExternalPropertyFileReference) *ExternalPropertyFileReferences {
+	w.WebResponses = append(w.WebResponses, webResponse)
+	return w
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/fix.go

@@ -0,0 +1,44 @@
+package sarif
+
+// Fix - A proposed fix for the problem represented by a result object. A fix specifies a set of artifacts to modify. For each artifact, it specifies a set of bytes to remove, and provides a set of new bytes to replace them.
+type Fix struct {
+	// One or more artifact changes that comprise a fix for a result.
+	ArtifactChanges []*ArtifactChange `json:"artifactChanges,omitempty"`
+
+	// A message that describes the proposed fix, enabling viewers to present the proposed change to an end user.
+	Description *Message `json:"description,omitempty"`
+
+	// Key/value pairs that provide additional information about the fix.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewFix - creates a new
+func NewFix() *Fix {
+	return &Fix{
+		ArtifactChanges: make([]*ArtifactChange, 0),
+	}
+}
+
+// WithArtifactChanges - add a ArtifactChanges to the Fix
+func (a *Fix) WithArtifactChanges(artifactChanges []*ArtifactChange) *Fix {
+	a.ArtifactChanges = artifactChanges
+	return a
+}
+
+// AddArtifactChange - add a single ArtifactChange to the Fix
+func (a *Fix) AddArtifactChange(artifactChange *ArtifactChange) *Fix {
+	a.ArtifactChanges = append(a.ArtifactChanges, artifactChange)
+	return a
+}
+
+// WithDescription - add a Description to the Fix
+func (d *Fix) WithDescription(description *Message) *Fix {
+	d.Description = description
+	return d
+}
+
+// WithProperties - add a Properties to the Fix
+func (p *Fix) WithProperties(properties *PropertyBag) *Fix {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/graph.go

@@ -0,0 +1,60 @@
+package sarif
+
+// Graph - A network of nodes and directed edges that describes some aspect of the structure of the code (for example, a call graph).
+type Graph struct {
+	// A description of the graph.
+	Description *Message `json:"description,omitempty"`
+
+	// An array of edge objects representing the edges of the graph.
+	Edges []*Edge `json:"edges"`
+
+	// An array of node objects representing the nodes of the graph.
+	Nodes []*Node `json:"nodes"`
+
+	// Key/value pairs that provide additional information about the graph.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewGraph - creates a new
+func NewGraph() *Graph {
+	return &Graph{
+		Edges: make([]*Edge, 0),
+		Nodes: make([]*Node, 0),
+	}
+}
+
+// WithDescription - add a Description to the Graph
+func (d *Graph) WithDescription(description *Message) *Graph {
+	d.Description = description
+	return d
+}
+
+// WithEdges - add a Edges to the Graph
+func (e *Graph) WithEdges(edges []*Edge) *Graph {
+	e.Edges = edges
+	return e
+}
+
+// AddEdge - add a single Edge to the Graph
+func (e *Graph) AddEdge(edge *Edge) *Graph {
+	e.Edges = append(e.Edges, edge)
+	return e
+}
+
+// WithNodes - add a Nodes to the Graph
+func (n *Graph) WithNodes(nodes []*Node) *Graph {
+	n.Nodes = nodes
+	return n
+}
+
+// AddNode - add a single Node to the Graph
+func (n *Graph) AddNode(node *Node) *Graph {
+	n.Nodes = append(n.Nodes, node)
+	return n
+}
+
+// WithProperties - add a Properties to the Graph
+func (p *Graph) WithProperties(properties *PropertyBag) *Graph {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/graph_traversal.go

@@ -0,0 +1,94 @@
+package sarif
+
+// GraphTraversal - Represents a path through a graph.
+type GraphTraversal struct {
+	// Values of relevant expressions at the start of the graph traversal that may change during graph traversal.
+	InitialState map[string]MultiformatMessageString `json:"initialState,omitempty"`
+
+	// Values of relevant expressions at the start of the graph traversal that remain constant for the graph traversal.
+	ImmutableState map[string]MultiformatMessageString `json:"immutableState,omitempty"`
+
+	// A description of this graph traversal.
+	Description *Message `json:"description,omitempty"`
+
+	// The sequences of edges traversed by this graph traversal.
+	EdgeTraversals []*EdgeTraversal `json:"edgeTraversals"`
+
+	// Key/value pairs that provide additional information about the graph traversal.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The index within the result.graphs to be associated with the result.
+	ResultGraphIndex int `json:"resultGraphIndex"`
+
+	// The index within the run.graphs to be associated with the result.
+	RunGraphIndex int `json:"runGraphIndex"`
+}
+
+// NewGraphTraversal - creates a new
+func NewGraphTraversal() *GraphTraversal {
+	return &GraphTraversal{
+		EdgeTraversals:   make([]*EdgeTraversal, 0),
+		ResultGraphIndex: -1,
+		RunGraphIndex:    -1,
+	}
+}
+
+// AddInitialState - add a single InitialState to the GraphTraversal
+func (i *GraphTraversal) AddInitialState(key string, initialState MultiformatMessageString) *GraphTraversal {
+	i.InitialState[key] = initialState
+	return i
+}
+
+// WithInitialState - add a InitialState to the GraphTraversal
+func (i *GraphTraversal) WithInitialState(initialState map[string]MultiformatMessageString) *GraphTraversal {
+	i.InitialState = initialState
+	return i
+}
+
+// AddImmutableState - add a single ImmutableState to the GraphTraversal
+func (i *GraphTraversal) AddImmutableState(key string, immutableState MultiformatMessageString) *GraphTraversal {
+	i.ImmutableState[key] = immutableState
+	return i
+}
+
+// WithImmutableState - add a ImmutableState to the GraphTraversal
+func (i *GraphTraversal) WithImmutableState(immutableState map[string]MultiformatMessageString) *GraphTraversal {
+	i.ImmutableState = immutableState
+	return i
+}
+
+// WithDescription - add a Description to the GraphTraversal
+func (d *GraphTraversal) WithDescription(description *Message) *GraphTraversal {
+	d.Description = description
+	return d
+}
+
+// WithEdgeTraversals - add a EdgeTraversals to the GraphTraversal
+func (e *GraphTraversal) WithEdgeTraversals(edgeTraversals []*EdgeTraversal) *GraphTraversal {
+	e.EdgeTraversals = edgeTraversals
+	return e
+}
+
+// AddEdgeTraversal - add a single EdgeTraversal to the GraphTraversal
+func (e *GraphTraversal) AddEdgeTraversal(edgeTraversal *EdgeTraversal) *GraphTraversal {
+	e.EdgeTraversals = append(e.EdgeTraversals, edgeTraversal)
+	return e
+}
+
+// WithProperties - add a Properties to the GraphTraversal
+func (p *GraphTraversal) WithProperties(properties *PropertyBag) *GraphTraversal {
+	p.Properties = properties
+	return p
+}
+
+// WithResultGraphIndex - add a ResultGraphIndex to the GraphTraversal
+func (r *GraphTraversal) WithResultGraphIndex(resultGraphIndex int) *GraphTraversal {
+	r.ResultGraphIndex = resultGraphIndex
+	return r
+}
+
+// WithRunGraphIndex - add a RunGraphIndex to the GraphTraversal
+func (r *GraphTraversal) WithRunGraphIndex(runGraphIndex int) *GraphTraversal {
+	r.RunGraphIndex = runGraphIndex
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/guid.go

@@ -0,0 +1,4 @@
+package sarif
+
+// Guid - A stable, unique identifier for many entities in the form of a GUID.
+type Guid string

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/guid_companion.go

@@ -0,0 +1,7 @@
+package sarif
+
+import "github.com/google/uuid"
+
+func NewGuid() Guid {
+	return Guid(uuid.New().String())
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/invocation.go

@@ -0,0 +1,292 @@
+package sarif
+
+// Invocation - The runtime environment of the analysis tool run.
+type Invocation struct {
+	// The environment variables associated with the analysis tool process, expressed as key/value pairs.
+	EnvironmentVariables map[string]string `json:"environmentVariables,omitempty"`
+
+	// The account under which the invocation occurred.
+	Account *string `json:"account,omitempty"`
+
+	// An array of strings, containing in order the command line arguments passed to the tool from the operating system.
+	Arguments []string `json:"arguments,omitempty"`
+
+	// The command line used to invoke the tool.
+	CommandLine *string `json:"commandLine,omitempty"`
+
+	// The Coordinated Universal Time (UTC) date and time at which the invocation ended. See "Date/time properties" in the SARIF spec for the required format.
+	EndTimeUtc *string `json:"endTimeUtc,omitempty"`
+
+	// An absolute URI specifying the location of the executable that was invoked.
+	ExecutableLocation *ArtifactLocation `json:"executableLocation,omitempty"`
+
+	// Specifies whether the tool's execution completed successfully.
+	ExecutionSuccessful *bool `json:"executionSuccessful,omitempty"`
+
+	// The process exit code.
+	ExitCode *int `json:"exitCode,omitempty"`
+
+	// The reason for the process exit.
+	ExitCodeDescription *string `json:"exitCodeDescription,omitempty"`
+
+	// The name of the signal that caused the process to exit.
+	ExitSignalName *string `json:"exitSignalName,omitempty"`
+
+	// The numeric value of the signal that caused the process to exit.
+	ExitSignalNumber *int `json:"exitSignalNumber,omitempty"`
+
+	// The machine on which the invocation occurred.
+	Machine *string `json:"machine,omitempty"`
+
+	// An array of configurationOverride objects that describe notifications related runtime overrides.
+	NotificationConfigurationOverrides []*ConfigurationOverride `json:"notificationConfigurationOverrides"`
+
+	// The id of the process in which the invocation occurred.
+	ProcessID *int `json:"processId,omitempty"`
+
+	// The reason given by the operating system that the process failed to start.
+	ProcessStartFailureMessage *string `json:"processStartFailureMessage,omitempty"`
+
+	// Key/value pairs that provide additional information about the invocation.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// The locations of any response files specified on the tool's command line.
+	ResponseFiles []*ArtifactLocation `json:"responseFiles,omitempty"`
+
+	// An array of configurationOverride objects that describe rules related runtime overrides.
+	RuleConfigurationOverrides []*ConfigurationOverride `json:"ruleConfigurationOverrides"`
+
+	// The Coordinated Universal Time (UTC) date and time at which the invocation started. See "Date/time properties" in the SARIF spec for the required format.
+	StartTimeUtc *string `json:"startTimeUtc,omitempty"`
+
+	// A file containing the standard error stream from the process that was invoked.
+	Stderr *ArtifactLocation `json:"stderr,omitempty"`
+
+	// A file containing the standard input stream to the process that was invoked.
+	Stdin *ArtifactLocation `json:"stdin,omitempty"`
+
+	// A file containing the standard output stream from the process that was invoked.
+	Stdout *ArtifactLocation `json:"stdout,omitempty"`
+
+	// A file containing the interleaved standard output and standard error stream from the process that was invoked.
+	StdoutStderr *ArtifactLocation `json:"stdoutStderr,omitempty"`
+
+	// A list of conditions detected by the tool that are relevant to the tool's configuration.
+	ToolConfigurationNotifications []*Notification `json:"toolConfigurationNotifications"`
+
+	// A list of runtime conditions detected by the tool during the analysis.
+	ToolExecutionNotifications []*Notification `json:"toolExecutionNotifications"`
+
+	// The working directory for the invocation.
+	WorkingDirectory *ArtifactLocation `json:"workingDirectory,omitempty"`
+}
+
+// NewInvocation - creates a new
+func NewInvocation() *Invocation {
+	return &Invocation{
+		Arguments:                          make([]string, 0),
+		NotificationConfigurationOverrides: make([]*ConfigurationOverride, 0),
+		ResponseFiles:                      make([]*ArtifactLocation, 0),
+		RuleConfigurationOverrides:         make([]*ConfigurationOverride, 0),
+		ToolConfigurationNotifications:     make([]*Notification, 0),
+		ToolExecutionNotifications:         make([]*Notification, 0),
+	}
+}
+
+// AddEnvironmentVariable - add a single EnvironmentVariable to the Invocation
+func (e *Invocation) AddEnvironmentVariable(key, environmentVariable string) *Invocation {
+	e.EnvironmentVariables[key] = environmentVariable
+	return e
+}
+
+// WithEnvironmentVariables - add a EnvironmentVariables to the Invocation
+func (e *Invocation) WithEnvironmentVariables(environmentVariables map[string]string) *Invocation {
+	e.EnvironmentVariables = environmentVariables
+	return e
+}
+
+// WithAccount - add a Account to the Invocation
+func (a *Invocation) WithAccount(account string) *Invocation {
+	a.Account = &account
+	return a
+}
+
+// WithArguments - add a Arguments to the Invocation
+func (a *Invocation) WithArguments(arguments []string) *Invocation {
+	a.Arguments = arguments
+	return a
+}
+
+// AddArgument - add a single Argument to the Invocation
+func (a *Invocation) AddArgument(argument string) *Invocation {
+	a.Arguments = append(a.Arguments, argument)
+	return a
+}
+
+// WithCommandLine - add a CommandLine to the Invocation
+func (c *Invocation) WithCommandLine(commandLine string) *Invocation {
+	c.CommandLine = &commandLine
+	return c
+}
+
+// WithEndTimeUtc - add a EndTimeUtc to the Invocation
+func (e *Invocation) WithEndTimeUtc(endTimeUtc string) *Invocation {
+	e.EndTimeUtc = &endTimeUtc
+	return e
+}
+
+// WithExecutableLocation - add a ExecutableLocation to the Invocation
+func (e *Invocation) WithExecutableLocation(executableLocation *ArtifactLocation) *Invocation {
+	e.ExecutableLocation = executableLocation
+	return e
+}
+
+// WithExecutionSuccessful - add a ExecutionSuccessful to the Invocation
+func (e *Invocation) WithExecutionSuccessful(executionSuccessful bool) *Invocation {
+	e.ExecutionSuccessful = &executionSuccessful
+	return e
+}
+
+// WithExitCode - add a ExitCode to the Invocation
+func (e *Invocation) WithExitCode(exitCode int) *Invocation {
+	e.ExitCode = &exitCode
+	return e
+}
+
+// WithExitCodeDescription - add a ExitCodeDescription to the Invocation
+func (e *Invocation) WithExitCodeDescription(exitCodeDescription string) *Invocation {
+	e.ExitCodeDescription = &exitCodeDescription
+	return e
+}
+
+// WithExitSignalName - add a ExitSignalName to the Invocation
+func (e *Invocation) WithExitSignalName(exitSignalName string) *Invocation {
+	e.ExitSignalName = &exitSignalName
+	return e
+}
+
+// WithExitSignalNumber - add a ExitSignalNumber to the Invocation
+func (e *Invocation) WithExitSignalNumber(exitSignalNumber int) *Invocation {
+	e.ExitSignalNumber = &exitSignalNumber
+	return e
+}
+
+// WithMachine - add a Machine to the Invocation
+func (m *Invocation) WithMachine(machine string) *Invocation {
+	m.Machine = &machine
+	return m
+}
+
+// WithNotificationConfigurationOverrides - add a NotificationConfigurationOverrides to the Invocation
+func (n *Invocation) WithNotificationConfigurationOverrides(notificationConfigurationOverrides []*ConfigurationOverride) *Invocation {
+	n.NotificationConfigurationOverrides = notificationConfigurationOverrides
+	return n
+}
+
+// AddNotificationConfigurationOverride - add a single NotificationConfigurationOverride to the Invocation
+func (n *Invocation) AddNotificationConfigurationOverride(notificationConfigurationOverride *ConfigurationOverride) *Invocation {
+	n.NotificationConfigurationOverrides = append(n.NotificationConfigurationOverrides, notificationConfigurationOverride)
+	return n
+}
+
+// WithProcessID - add a ProcessID to the Invocation
+func (p *Invocation) WithProcessID(processId int) *Invocation {
+	p.ProcessID = &processId
+	return p
+}
+
+// WithProcessStartFailureMessage - add a ProcessStartFailureMessage to the Invocation
+func (p *Invocation) WithProcessStartFailureMessage(processStartFailureMessage string) *Invocation {
+	p.ProcessStartFailureMessage = &processStartFailureMessage
+	return p
+}
+
+// WithProperties - add a Properties to the Invocation
+func (p *Invocation) WithProperties(properties *PropertyBag) *Invocation {
+	p.Properties = properties
+	return p
+}
+
+// WithResponseFiles - add a ResponseFiles to the Invocation
+func (r *Invocation) WithResponseFiles(responseFiles []*ArtifactLocation) *Invocation {
+	r.ResponseFiles = responseFiles
+	return r
+}
+
+// AddResponseFile - add a single ResponseFile to the Invocation
+func (r *Invocation) AddResponseFile(responseFile *ArtifactLocation) *Invocation {
+	r.ResponseFiles = append(r.ResponseFiles, responseFile)
+	return r
+}
+
+// WithRuleConfigurationOverrides - add a RuleConfigurationOverrides to the Invocation
+func (r *Invocation) WithRuleConfigurationOverrides(ruleConfigurationOverrides []*ConfigurationOverride) *Invocation {
+	r.RuleConfigurationOverrides = ruleConfigurationOverrides
+	return r
+}
+
+// AddRuleConfigurationOverride - add a single RuleConfigurationOverride to the Invocation
+func (r *Invocation) AddRuleConfigurationOverride(ruleConfigurationOverride *ConfigurationOverride) *Invocation {
+	r.RuleConfigurationOverrides = append(r.RuleConfigurationOverrides, ruleConfigurationOverride)
+	return r
+}
+
+// WithStartTimeUtc - add a StartTimeUtc to the Invocation
+func (s *Invocation) WithStartTimeUtc(startTimeUtc string) *Invocation {
+	s.StartTimeUtc = &startTimeUtc
+	return s
+}
+
+// WithStderr - add a Stderr to the Invocation
+func (s *Invocation) WithStderr(stderr *ArtifactLocation) *Invocation {
+	s.Stderr = stderr
+	return s
+}
+
+// WithStdin - add a Stdin to the Invocation
+func (s *Invocation) WithStdin(stdin *ArtifactLocation) *Invocation {
+	s.Stdin = stdin
+	return s
+}
+
+// WithStdout - add a Stdout to the Invocation
+func (s *Invocation) WithStdout(stdout *ArtifactLocation) *Invocation {
+	s.Stdout = stdout
+	return s
+}
+
+// WithStdoutStderr - add a StdoutStderr to the Invocation
+func (s *Invocation) WithStdoutStderr(stdoutStderr *ArtifactLocation) *Invocation {
+	s.StdoutStderr = stdoutStderr
+	return s
+}
+
+// WithToolConfigurationNotifications - add a ToolConfigurationNotifications to the Invocation
+func (t *Invocation) WithToolConfigurationNotifications(toolConfigurationNotifications []*Notification) *Invocation {
+	t.ToolConfigurationNotifications = toolConfigurationNotifications
+	return t
+}
+
+// AddToolConfigurationNotification - add a single ToolConfigurationNotification to the Invocation
+func (t *Invocation) AddToolConfigurationNotification(toolConfigurationNotification *Notification) *Invocation {
+	t.ToolConfigurationNotifications = append(t.ToolConfigurationNotifications, toolConfigurationNotification)
+	return t
+}
+
+// WithToolExecutionNotifications - add a ToolExecutionNotifications to the Invocation
+func (t *Invocation) WithToolExecutionNotifications(toolExecutionNotifications []*Notification) *Invocation {
+	t.ToolExecutionNotifications = toolExecutionNotifications
+	return t
+}
+
+// AddToolExecutionNotification - add a single ToolExecutionNotification to the Invocation
+func (t *Invocation) AddToolExecutionNotification(toolExecutionNotification *Notification) *Invocation {
+	t.ToolExecutionNotifications = append(t.ToolExecutionNotifications, toolExecutionNotification)
+	return t
+}
+
+// WithWorkingDirectory - add a WorkingDirectory to the Invocation
+func (w *Invocation) WithWorkingDirectory(workingDirectory *ArtifactLocation) *Invocation {
+	w.WorkingDirectory = workingDirectory
+	return w
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/language.go

@@ -0,0 +1,4 @@
+package sarif
+
+// Language - The language of the messages emitted into the log file during this run (expressed as an ISO 639-1 two-letter lowercase culture code) and an optional region (expressed as an ISO 3166-1 two-letter uppercase subculture code associated with a country or region). The casing is recommended but not required (in order for this data to conform to RFC5646).
+type Language string

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/location.go

@@ -0,0 +1,95 @@
+package sarif
+
+// Location - A location within a programming artifact.
+type Location struct {
+	// A set of regions relevant to the location.
+	Annotations []*Region `json:"annotations"`
+
+	// Value that distinguishes this location from all other locations within a single result object.
+	ID int `json:"id"`
+
+	// The logical locations associated with the result.
+	LogicalLocations []*LogicalLocation `json:"logicalLocations"`
+
+	// A message relevant to the location.
+	Message *Message `json:"message,omitempty"`
+
+	// Identifies the artifact and region.
+	PhysicalLocation *PhysicalLocation `json:"physicalLocation,omitempty"`
+
+	// Key/value pairs that provide additional information about the location.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// An array of objects that describe relationships between this location and others.
+	Relationships []*LocationRelationship `json:"relationships"`
+}
+
+// NewLocation - creates a new
+func NewLocation() *Location {
+	return &Location{
+		Annotations:      make([]*Region, 0),
+		ID:               -1,
+		LogicalLocations: make([]*LogicalLocation, 0),
+		Relationships:    make([]*LocationRelationship, 0),
+	}
+}
+
+// WithAnnotations - add a Annotations to the Location
+func (a *Location) WithAnnotations(annotations []*Region) *Location {
+	a.Annotations = annotations
+	return a
+}
+
+// AddAnnotation - add a single Annotation to the Location
+func (a *Location) AddAnnotation(annotation *Region) *Location {
+	a.Annotations = append(a.Annotations, annotation)
+	return a
+}
+
+// WithID - add a ID to the Location
+func (i *Location) WithID(id int) *Location {
+	i.ID = id
+	return i
+}
+
+// WithLogicalLocations - add a LogicalLocations to the Location
+func (l *Location) WithLogicalLocations(logicalLocations []*LogicalLocation) *Location {
+	l.LogicalLocations = logicalLocations
+	return l
+}
+
+// AddLogicalLocation - add a single LogicalLocation to the Location
+func (l *Location) AddLogicalLocation(logicalLocation *LogicalLocation) *Location {
+	l.LogicalLocations = append(l.LogicalLocations, logicalLocation)
+	return l
+}
+
+// WithMessage - add a Message to the Location
+func (m *Location) WithMessage(message *Message) *Location {
+	m.Message = message
+	return m
+}
+
+// WithPhysicalLocation - add a PhysicalLocation to the Location
+func (p *Location) WithPhysicalLocation(physicalLocation *PhysicalLocation) *Location {
+	p.PhysicalLocation = physicalLocation
+	return p
+}
+
+// WithProperties - add a Properties to the Location
+func (p *Location) WithProperties(properties *PropertyBag) *Location {
+	p.Properties = properties
+	return p
+}
+
+// WithRelationships - add a Relationships to the Location
+func (r *Location) WithRelationships(relationships []*LocationRelationship) *Location {
+	r.Relationships = relationships
+	return r
+}
+
+// AddRelationship - add a single Relationship to the Location
+func (r *Location) AddRelationship(relationship *LocationRelationship) *Location {
+	r.Relationships = append(r.Relationships, relationship)
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/location_companion.go

@@ -0,0 +1,6 @@
+package sarif
+
+// NewLocationWithPhysicalLocation creates a Location with a PhysicalLocation
+func NewLocationWithPhysicalLocation(physicalLocation *PhysicalLocation) *Location {
+	return NewLocation().WithPhysicalLocation(physicalLocation)
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/location_relationship.go

@@ -0,0 +1,53 @@
+package sarif
+
+// LocationRelationship - Information about the relation of one location to another.
+type LocationRelationship struct {
+	// A description of the location relationship.
+	Description *Message `json:"description,omitempty"`
+
+	// A set of distinct strings that categorize the relationship. Well-known kinds include 'includes', 'isIncludedBy' and 'relevant'.
+	Kinds []string `json:"kinds"`
+
+	// Key/value pairs that provide additional information about the location relationship.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A reference to the related location.
+	Target *int `json:"target,omitempty"`
+}
+
+// NewLocationRelationship - creates a new
+func NewLocationRelationship() *LocationRelationship {
+	return &LocationRelationship{
+		Kinds: []string{"relevant"},
+	}
+}
+
+// WithDescription - add a Description to the LocationRelationship
+func (d *LocationRelationship) WithDescription(description *Message) *LocationRelationship {
+	d.Description = description
+	return d
+}
+
+// WithKinds - add a Kinds to the LocationRelationship
+func (k *LocationRelationship) WithKinds(kinds []string) *LocationRelationship {
+	k.Kinds = kinds
+	return k
+}
+
+// AddKind - add a single Kind to the LocationRelationship
+func (k *LocationRelationship) AddKind(kind string) *LocationRelationship {
+	k.Kinds = append(k.Kinds, kind)
+	return k
+}
+
+// WithProperties - add a Properties to the LocationRelationship
+func (p *LocationRelationship) WithProperties(properties *PropertyBag) *LocationRelationship {
+	p.Properties = properties
+	return p
+}
+
+// WithTarget - add a Target to the LocationRelationship
+func (t *LocationRelationship) WithTarget(target int) *LocationRelationship {
+	t.Target = &target
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/logical_location.go

@@ -0,0 +1,75 @@
+package sarif
+
+// LogicalLocation - A logical location of a construct that produced a result.
+type LogicalLocation struct {
+	// The machine-readable name for the logical location, such as a mangled function name provided by a C++ compiler that encodes calling convention, return type and other details along with the function name.
+	DecoratedName *string `json:"decoratedName,omitempty"`
+
+	// The human-readable fully qualified name of the logical location.
+	FullyQualifiedName *string `json:"fullyQualifiedName,omitempty"`
+
+	// The index within the logical locations array.
+	Index int `json:"index"`
+
+	// The type of construct this logical location component refers to. Should be one of 'function', 'member', 'module', 'namespace', 'parameter', 'resource', 'returnType', 'type', 'variable', 'object', 'array', 'property', 'value', 'element', 'text', 'attribute', 'comment', 'declaration', 'dtd' or 'processingInstruction', if any of those accurately describe the construct.
+	Kind *string `json:"kind,omitempty"`
+
+	// Identifies the construct in which the result occurred. For example, this property might contain the name of a class or a method.
+	Name *string `json:"name,omitempty"`
+
+	// Identifies the index of the immediate parent of the construct in which the result was detected. For example, this property might point to a logical location that represents the namespace that holds a type.
+	ParentIndex int `json:"parentIndex"`
+
+	// Key/value pairs that provide additional information about the logical location.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewLogicalLocation - creates a new
+func NewLogicalLocation() *LogicalLocation {
+	return &LogicalLocation{
+		Index:       -1,
+		ParentIndex: -1,
+	}
+}
+
+// WithDecoratedName - add a DecoratedName to the LogicalLocation
+func (d *LogicalLocation) WithDecoratedName(decoratedName string) *LogicalLocation {
+	d.DecoratedName = &decoratedName
+	return d
+}
+
+// WithFullyQualifiedName - add a FullyQualifiedName to the LogicalLocation
+func (f *LogicalLocation) WithFullyQualifiedName(fullyQualifiedName string) *LogicalLocation {
+	f.FullyQualifiedName = &fullyQualifiedName
+	return f
+}
+
+// WithIndex - add a Index to the LogicalLocation
+func (i *LogicalLocation) WithIndex(index int) *LogicalLocation {
+	i.Index = index
+	return i
+}
+
+// WithKind - add a Kind to the LogicalLocation
+func (k *LogicalLocation) WithKind(kind string) *LogicalLocation {
+	k.Kind = &kind
+	return k
+}
+
+// WithName - add a Name to the LogicalLocation
+func (n *LogicalLocation) WithName(name string) *LogicalLocation {
+	n.Name = &name
+	return n
+}
+
+// WithParentIndex - add a ParentIndex to the LogicalLocation
+func (p *LogicalLocation) WithParentIndex(parentIndex int) *LogicalLocation {
+	p.ParentIndex = parentIndex
+	return p
+}
+
+// WithProperties - add a Properties to the LogicalLocation
+func (p *LogicalLocation) WithProperties(properties *PropertyBag) *LogicalLocation {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/message.go

@@ -0,0 +1,62 @@
+package sarif
+
+// Message - Encapsulates a message intended to be read by the end user.
+type Message struct {
+	// An array of strings to substitute into the message string.
+	Arguments []string `json:"arguments"`
+
+	// The identifier for this message.
+	ID *string `json:"id,omitempty"`
+
+	// A Markdown message string.
+	Markdown *string `json:"markdown,omitempty"`
+
+	// Key/value pairs that provide additional information about the message.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A plain text message string.
+	Text *string `json:"text,omitempty"`
+}
+
+// NewMessage - creates a new
+func NewMessage() *Message {
+	return &Message{
+		Arguments: make([]string, 0),
+	}
+}
+
+// WithArguments - add a Arguments to the Message
+func (a *Message) WithArguments(arguments []string) *Message {
+	a.Arguments = arguments
+	return a
+}
+
+// AddArgument - add a single Argument to the Message
+func (a *Message) AddArgument(argument string) *Message {
+	a.Arguments = append(a.Arguments, argument)
+	return a
+}
+
+// WithID - add a ID to the Message
+func (i *Message) WithID(id string) *Message {
+	i.ID = &id
+	return i
+}
+
+// WithMarkdown - add a Markdown to the Message
+func (m *Message) WithMarkdown(markdown string) *Message {
+	m.Markdown = &markdown
+	return m
+}
+
+// WithProperties - add a Properties to the Message
+func (p *Message) WithProperties(properties *PropertyBag) *Message {
+	p.Properties = properties
+	return p
+}
+
+// WithText - add a Text to the Message
+func (t *Message) WithText(text string) *Message {
+	t.Text = &text
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/message_companion.go

@@ -0,0 +1,6 @@
+package sarif
+
+// NewTextMessage creates a simple text message
+func NewTextMessage(text string) *Message {
+	return NewMessage().WithText(text)
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/multiformat_message_string.go

@@ -0,0 +1,36 @@
+package sarif
+
+// MultiformatMessageString - A message string or message format string rendered in multiple formats.
+type MultiformatMessageString struct {
+	// A Markdown message string or format string.
+	Markdown *string `json:"markdown,omitempty"`
+
+	// Key/value pairs that provide additional information about the message.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A plain text message string or format string.
+	Text *string `json:"text,omitempty"`
+}
+
+// NewMultiformatMessageString - creates a new
+func NewMultiformatMessageString() *MultiformatMessageString {
+	return &MultiformatMessageString{}
+}
+
+// WithMarkdown - add a Markdown to the MultiformatMessageString
+func (m *MultiformatMessageString) WithMarkdown(markdown string) *MultiformatMessageString {
+	m.Markdown = &markdown
+	return m
+}
+
+// WithProperties - add a Properties to the MultiformatMessageString
+func (p *MultiformatMessageString) WithProperties(properties *PropertyBag) *MultiformatMessageString {
+	p.Properties = properties
+	return p
+}
+
+// WithText - add a Text to the MultiformatMessageString
+func (t *MultiformatMessageString) WithText(text string) *MultiformatMessageString {
+	t.Text = &text
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/node.go

@@ -0,0 +1,62 @@
+package sarif
+
+// Node - Represents a node in a graph.
+type Node struct {
+	// Array of child nodes.
+	Children []*Node `json:"children"`
+
+	// A string that uniquely identifies the node within its graph.
+	ID *string `json:"id,omitempty"`
+
+	// A short description of the node.
+	Label *Message `json:"label,omitempty"`
+
+	// A code location associated with the node.
+	Location *Location `json:"location,omitempty"`
+
+	// Key/value pairs that provide additional information about the node.
+	Properties *PropertyBag `json:"properties,omitempty"`
+}
+
+// NewNode - creates a new
+func NewNode() *Node {
+	return &Node{
+		Children: make([]*Node, 0),
+	}
+}
+
+// WithChildren - add a Children to the Node
+func (c *Node) WithChildren(children []*Node) *Node {
+	c.Children = children
+	return c
+}
+
+// AddChildren - add a single Children to the Node
+func (c *Node) AddChildren(children *Node) *Node {
+	c.Children = append(c.Children, children)
+	return c
+}
+
+// WithID - add a ID to the Node
+func (i *Node) WithID(id string) *Node {
+	i.ID = &id
+	return i
+}
+
+// WithLabel - add a Label to the Node
+func (l *Node) WithLabel(label *Message) *Node {
+	l.Label = label
+	return l
+}
+
+// WithLocation - add a Location to the Node
+func (l *Node) WithLocation(location *Location) *Node {
+	l.Location = location
+	return l
+}
+
+// WithProperties - add a Properties to the Node
+func (p *Node) WithProperties(properties *PropertyBag) *Node {
+	p.Properties = properties
+	return p
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/notification.go

@@ -0,0 +1,115 @@
+package sarif
+
+// Notification - Describes a condition relevant to the tool itself, as opposed to being relevant to a target being analyzed by the tool.
+type Notification struct {
+	// A reference used to locate the rule descriptor associated with this notification.
+	AssociatedRule *ReportingDescriptorReference `json:"associatedRule,omitempty"`
+
+	// A reference used to locate the descriptor relevant to this notification.
+	Descriptor *ReportingDescriptorReference `json:"descriptor,omitempty"`
+
+	// The runtime exception, if any, relevant to this notification.
+	Exception *Exception `json:"exception,omitempty"`
+
+	// A value specifying the severity level of the notification.
+	Level string `json:"level"`
+
+	// The locations relevant to this notification.
+	Locations []*Location `json:"locations"`
+
+	// A message that describes the condition that was encountered.
+	Message *Message `json:"message,omitempty"`
+
+	// Key/value pairs that provide additional information about the notification.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// A set of locations relevant to this notification.
+	RelatedLocations []*Location `json:"relatedLocations"`
+
+	// The thread identifier of the code that generated the notification.
+	ThreadID *int `json:"threadId,omitempty"`
+
+	// The Coordinated Universal Time (UTC) date and time at which the analysis tool generated the notification.
+	TimeUtc *string `json:"timeUtc,omitempty"`
+}
+
+// NewNotification - creates a new
+func NewNotification() *Notification {
+	return &Notification{
+		Level:            "warning",
+		Locations:        make([]*Location, 0),
+		RelatedLocations: make([]*Location, 0),
+	}
+}
+
+// WithAssociatedRule - add a AssociatedRule to the Notification
+func (a *Notification) WithAssociatedRule(associatedRule *ReportingDescriptorReference) *Notification {
+	a.AssociatedRule = associatedRule
+	return a
+}
+
+// WithDescriptor - add a Descriptor to the Notification
+func (d *Notification) WithDescriptor(descriptor *ReportingDescriptorReference) *Notification {
+	d.Descriptor = descriptor
+	return d
+}
+
+// WithException - add a Exception to the Notification
+func (e *Notification) WithException(exception *Exception) *Notification {
+	e.Exception = exception
+	return e
+}
+
+// WithLevel - add a Level to the Notification
+func (l *Notification) WithLevel(level string) *Notification {
+	l.Level = level
+	return l
+}
+
+// WithLocations - add a Locations to the Notification
+func (l *Notification) WithLocations(locations []*Location) *Notification {
+	l.Locations = locations
+	return l
+}
+
+// AddLocation - add a single Location to the Notification
+func (l *Notification) AddLocation(location *Location) *Notification {
+	l.Locations = append(l.Locations, location)
+	return l
+}
+
+// WithMessage - add a Message to the Notification
+func (m *Notification) WithMessage(message *Message) *Notification {
+	m.Message = message
+	return m
+}
+
+// WithProperties - add a Properties to the Notification
+func (p *Notification) WithProperties(properties *PropertyBag) *Notification {
+	p.Properties = properties
+	return p
+}
+
+// WithRelatedLocations - add a RelatedLocations to the Notification
+func (r *Notification) WithRelatedLocations(relatedLocations []*Location) *Notification {
+	r.RelatedLocations = relatedLocations
+	return r
+}
+
+// AddRelatedLocation - add a single RelatedLocation to the Notification
+func (r *Notification) AddRelatedLocation(relatedLocation *Location) *Notification {
+	r.RelatedLocations = append(r.RelatedLocations, relatedLocation)
+	return r
+}
+
+// WithThreadID - add a ThreadID to the Notification
+func (t *Notification) WithThreadID(threadId int) *Notification {
+	t.ThreadID = &threadId
+	return t
+}
+
+// WithTimeUtc - add a TimeUtc to the Notification
+func (t *Notification) WithTimeUtc(timeUtc string) *Notification {
+	t.TimeUtc = &timeUtc
+	return t
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/physical_location.go

@@ -0,0 +1,54 @@
+package sarif
+
+// PhysicalLocation - A physical location relevant to a result. Specifies a reference to a programming artifact together with a range of bytes or characters within that artifact.
+type PhysicalLocation struct {
+	// The address of the location.
+	Address *Address `json:"address,omitempty"`
+
+	// The location of the artifact.
+	ArtifactLocation *ArtifactLocation `json:"artifactLocation,omitempty"`
+
+	// Specifies a portion of the artifact that encloses the region. Allows a viewer to display additional context around the region.
+	ContextRegion *Region `json:"contextRegion,omitempty"`
+
+	// Key/value pairs that provide additional information about the physical location.
+	Properties *PropertyBag `json:"properties,omitempty"`
+
+	// Specifies a portion of the artifact.
+	Region *Region `json:"region,omitempty"`
+}
+
+// NewPhysicalLocation - creates a new
+func NewPhysicalLocation() *PhysicalLocation {
+	return &PhysicalLocation{}
+}
+
+// WithAddress - add a Address to the PhysicalLocation
+func (a *PhysicalLocation) WithAddress(address *Address) *PhysicalLocation {
+	a.Address = address
+	return a
+}
+
+// WithArtifactLocation - add a ArtifactLocation to the PhysicalLocation
+func (a *PhysicalLocation) WithArtifactLocation(artifactLocation *ArtifactLocation) *PhysicalLocation {
+	a.ArtifactLocation = artifactLocation
+	return a
+}
+
+// WithContextRegion - add a ContextRegion to the PhysicalLocation
+func (c *PhysicalLocation) WithContextRegion(contextRegion *Region) *PhysicalLocation {
+	c.ContextRegion = contextRegion
+	return c
+}
+
+// WithProperties - add a Properties to the PhysicalLocation
+func (p *PhysicalLocation) WithProperties(properties *PropertyBag) *PhysicalLocation {
+	p.Properties = properties
+	return p
+}
+
+// WithRegion - add a Region to the PhysicalLocation
+func (r *PhysicalLocation) WithRegion(region *Region) *PhysicalLocation {
+	r.Region = region
+	return r
+}

vendor/github.com/owenrumney/go-sarif/v3/pkg/report/v22/sarif/properties.go

@@ -0,0 +1,3 @@
+package sarif
+
+type Properties map[string]interface{}