Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 17 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,23 @@ With `--json` alone, no report files are written; combine it with `--format` to
files and print JSON in the same run. All human-readable messages (info, warnings,
errors) move to stderr in `--json` mode, so stdout only ever contains the JSON payload.

### Report formats

The `--format` flag controls which report files DockSec generates.

| Format | Description |
| --- | --- |
| `json` | Structured machine-readable report for automation and integrations. See the [Machine-readable output](#machine-readable-output) section for details on JSON output behavior. |
| `csv` | Tabular report suitable for spreadsheets, reporting pipelines, and bulk analysis of findings. |
| `pdf` | Human-readable report designed for sharing, review, and archival purposes. |
| `html` | Interactive browser-based report with formatted findings and navigation for easier review. |

> **Note**
>
> When no vulnerabilities are found, CSV output is still generated with column headers only and no data rows. This header-only CSV is intentional behavior and does not indicate an error.

For GitHub Code Scanning integration details, see the [SARIF output for GitHub Code Scanning](#sarif-output-for-github-code-scanning) section.

### SARIF output for GitHub Code Scanning

`--sarif` writes a SARIF 2.1.0 report alongside the other report formats. Upload it
Expand Down