Producing reports

Via the SASHA scanner you can generate the following reports:

--report-sarif

Produces a SARIF report file of the analysis

Example: --report-sarif=~/report.sarif

--report-console

Particularly useful on CI/CD pipelines, this flag allows to produce a report that can be viewed directly from the console. At the moment it can be paired to sub-options (color, no-color) to either have a formatted output with colours or one without (the default is the former)

Examples: --report-console, --report-console:no-color