{ "$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json", "version": "2.1.0", "runs": [ { "tool": { "driver": { "name": "REACHABLE", "version": "1.0.0b115", "semanticVersion": "1.0.0b115", "informationUri": "https://reachable.dev", "rules": [], "properties": { "reachabilityAnalysis": true, "callGraphTracing": true, "multiSignalCorrelation": true, "findingTypes": [ "CVE", "SECRET", "CWE", "MALWARE", "SUSPICIOUS", "AI", "DLP" ] } } }, "invocations": [ { "executionSuccessful": true, "startTimeUtc": "2026-06-20T15:34:22Z", "endTimeUtc": "2026-06-20T15:34:22Z" } ], "results": [], "properties": { "reportingScope": "code-scanning", "totalActionable": 0, "totalProductionPosture": 0, "totalEvidenceFindings": 0, "byType": {}, "byReachability": {}, "byProdStatus": {}, "riskLevel": "NONE", "languages": [ "config", "go", "python" ], "reachabilityNote": "This report contains production actionable EXPLOITABLE, REACHABLE, UNKNOWN, and DEFENDED findings. NON_PROD and NOT_REACHABLE findings are omitted." }, "versionControlProvenance": [ { "repositoryUri": "https://gitlab.com/sthenos-security-public/reach-testbed-gitlab-go", "branch": "reachable-remediate-2616266772", "revisionId": "562ca3c12edef8f4f99cdf8d303b4d514aa68f36" } ] } ] }