Function parse_sarif 

pub fn parse_sarif(
    stdout: &[u8],
    project: &Project,
    project_root: &Path,
    plugin_name: &str,
    rule_id_prefix: &str,
) -> Vec<Finding>

Parse the raw bytes of SARIF 2.1.0 plugin stdout into a list of Findings.

Only the runs[0].results[] array is processed. All SARIF fields are treated as optional at the deserialisation level to handle inconsistent emitters gracefully.

A result whose ruleId is absent is silently skipped (SARIF spec allows this for informational results). If the top-level runs field is missing entirely, a single parse-error finding is returned instead of panicking.

Arguments

• stdout — raw bytes captured from the plugin subprocess (must be valid UTF-8; invalid sequences are replaced by the JSON parser with an error).
• project — the project view used for source-based span resolution.
• project_root — absolute path to the project root; used to canonicalise file paths reported in SARIF artifactLocation.uri.
• plugin_name — the plugin’s install name; used to form AnalyzerId and the parse-error rule ID.
• rule_id_prefix — prefix prepended to any ruleId that does not already start with it (e.g. "ZIG/").