This version of GitHub Enterprise Server will be discontinued on 2024-06-29. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

SARIF file is invalid

Code scanning can only process syntactically valid SARIF files. Invalid files are rejected.

In this article

About this error

Invalid SARIF
SARIF file invalid
SARIF ZIP upload is invalid
400: Bad Request if the sarif field is invalid

One of these errors is reported if code scanning cannot parse the SARIF file.

You are unlikely to see this error when using CodeQL analysis.

Confirming the cause of the error

You can investigate the underlying cause of the error by looking at the log for the workflow run that uploaded the analysis and by checking the SARIF file in a validator. For more information, see "Using workflow run logs" and visit the Microsoft SARIF validator.

Fixing the problem

After you identify the invalid parts of the SARIF file, you may be able to resolve smaller issues manually, but you may need to talk to the maintainers of the tool. For information about validation and the format supported by code scanning, see "SARIF support for code scanning."