fix: correct CLI flag in README and use package version in SARIF output #7

Closed. dmchaledev wants to merge 1 commit into main from fix/readme-cli-flag-and-sarif-version
@dmchaledev

Contributor

Summary

Two bugs fixed in this PR:

1. Wrong CLI flag in README

The README showed --output=sarif but the actual flag is --format=sarif. Users following the docs would get an error.

2. Hardcoded version in SARIF output

toSarif() always reported version "0.0.1" regardless of the actual package version. This caused SARIF consumers (GitHub Code Scanning, etc.) to see stale version metadata.

  • Replaced with runtime lookup of package.json version via createRequire
  • Added resolveJsonModule to tsconfig
  • Updated test to expect actual version "1.0.1"

Verification

  • npm run build — passes
  • npm test — 70/70 tests pass
  • npm run lint — passes (0 warnings)

- Fix README: --output=sarif → --format=sarif (the actual CLI flag)
- Replace hardcoded '0.0.1' version in toSarif() with version from package.json
- Update tsconfig to include resolveJsonModule for JSON imports
- Update sarif test to expect actual package version '1.0.1'

Before this fix, SARIF consumers would always see tool version '0.0.1'
regardless of the actual package version being used.

dmchaledev closed this May 29, 2026