CSV Output Schema Reference
This example shows how to create a comma-separated values (CSV) formatted output file when using the --output-file flag of the code-analyzer run command.
This sample output shows 3 violations with different severities from different engines.
All property values are wrapped in double quotes which allows for comma-separated properties, such as the list of tags associated with the violation.
CSV output includes only the primary location of a violation. If a violation has multiple locations, you must rerun the scan and specify any other output format, such as SARIF or JSON, to see all the locations.
| Property | Data Type | Description |
|---|---|---|
rule | string | The name of the rule that's associated with the violation. |
engine | string | The engine that's associated with the violation. |
severity | number | The severity level of the violation: 1 (Critical), 2 (High), 3 (Moderate), 4 (Low), 5 (Info) |
tags | string[] | The tags that are associated with the rule that's associated with the violation. Multiple tags are separated by commas. |
file | string | The pathname of the file in which the violation occurred, relative to the runDir directory. |
startLine | number | The line where the violating code starts. |
startColumn | number | The column in the startLine where the violating code starts. |
endLine | number | The line where the violating code ends. |
endColumn | number | The column in the endLine where the violating code ends. |
message | string | The violation message. |
resources | string[] | The URLs for additional resources and information about the violation. Multiple resources are separated by commas. |