Generate output with a SARIF template

trivy

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues.
More information: <https://github.com/aquasecurity/trivy>.
Trick copyright: tl;dr; <https://github.com/tldr-pages/tldr>

trivy image --format {{template}} --template {{"@sarif.tpl"}} -o {{path/to/report.sarif}} {{image:tag}}

click the source code to copy