Software Engineering Institute

The SCAIFE beta version 0.0.2 API in a YAML specification was published on the CMU-SEI GitHub site in mid-June of 2019. The YAML file specifies the Source Code Analysis Integrated Framework Environment (SCAIFE) API definition in a format that developers can easily use to view, modify, and automatically generate code from (e.g., with the Swagger-Editor and Swagger-Codegen tools).

The new repository "SCAIFE-API" holds the YAML file and additional information (currently README and license files) at https://github.com/cmu-sei/SCAIFE-API.

SCAIFE is an architecture that supports static analysis alert classification and prioritization. It is designed so a wide variety of static analysis tools can integrate with the system using the API definition we are developing. We expect the API to be of interest to organizations that develop and/or research static analysis tools, static analysis alert auditing aggregators and other static analysis alert auditing frameworks. This SCAIFE beta API definition can be referenced by developers to help them to estimate development effort that would be required to modify their organization’s tool(s) to make and respond to SCAIFE API calls.