SARIF (https://github.com/oasis-tcs/sarif-spec) is a new draft standard interchange format for static analysis results that allows result viewers to be decoupled from the tool producing the analysis results. This patch allows users to specify SARIF as the output from the clang static analyzer so that the results can be read in by other tools. There are several such tools for consuming SARIF, such as extensions to Visual Studio and VSCode, as well as static analyzers like CodeSonar.
SARIF is JSON-based and the latest provisional specification can be found at: https://github.com/oasis-tcs/sarif-spec/blob/master/Documents/ProvisionalDrafts/sarif-v2.0-csd02-provisional.docx. GrammaTech sponsored the work to produce this patch and we will make any necessary changes if the draft standard changes before publication.
Would it make more sense to just use diff + json pretty-formatter to write a test?
With this test I can't even quite figure out how the output should look like.