API Migration Guard Run free scan

Migration assurance

Sample SARIF output: migration guide and scanner checklist

Sample SARIF output explains what replaces Scanner evidence without portable security-review format, the removal date, the migration risks to validate, and how API Migration Guard detects the pattern.

TL;DR

Deprecated itemRemoval dateReplacementMigration riskScanner detection
Scanner evidence without portable security-review formatBefore audit or agency handoffDownloadable SARIF sample with rule IDs and redacted locationsSecurity and engineering reviewers may need machine-readable output, not only HTML.SARIF 2.1.0 sample

Official status

Amazon documentation lists Scanner evidence without portable security-review format as in-scope for this migration. Use the official source before code freeze because deadlines and replacement details can change.

How to use this asset in production

Downloadable assets are intentionally paired with landing pages. The landing page gives context, source links and checksum; the file gives a portable artifact for a pull request, audit ticket, agency handoff or cutover runbook.

Use caseProduction expectation
Pull requestAttach the asset and link the matching scan or validator result.
Audit ticketRecord the checksum and the source page so reviewers know which version was used.
Cutover runbookUse the asset as input evidence, not as a replacement for production sample validation.

Download asset and checksum

Download the file from this landing page and record the checksum in the ticket, pull request or audit note. The direct file is not listed in the sitemap; this page is the canonical indexable explanation.

FileFormatSHA-256Validation use
sample-sarif-output.jsonapplication/json9a095e71f4e14a1656afbc17b835c0dab5bfe48b7998acf05d993f3629c53893Attach to migration evidence and re-run the matching scanner or validator after code changes.

Removed resource and replacement

Old resourceReplacementDeadlineValidation outcome
Scanner evidence without portable security-review formatDownloadable SARIF sample with rule IDs and redacted locationsBefore audit or agency handoffSecurity and engineering reviewers may need machine-readable output, not only HTML.

What breaks

AreaBreakage
Code patternTeams miss deprecated usage hidden in source, fixtures, generated clients or parser utilities.
Payload or schemaOutput can appear healthy while API/report payload shape changed underneath.
Permission or data accessAccess, role, retention or payment boundaries can block the commercial handoff.
Pagination, status or field mappingPagination, deadlines and sample-data reconciliation need module-specific validation.

Before/after example

The example is intentionally small so the migration shape is visible in a code review.

Before:
paste screenshots of findings into a ticket

After:
attach sample SARIF and evidence ZIP to code-review or audit workflow

Scanner detection

Rule IDSeverityEvidence patternFalse positive conditionValidation step
SARIF 2.1.0 sampleDepends on module and evidence typeScanner evidence without portable security-review formatDocumentation, comments, generated clients or test fixtures can require manual review.Run a free scan across Orders, Settlement and Finances source paths.

Migration checklist

Common mistakes

Sample report preview

The public sample report shows the same evidence shape used by paid reports: rule ID, severity, file location, redacted evidence, migration mapping, validation step and quality gate.

FAQ

Who is Sample SARIF output for?

Developers, agencies and SaaS teams preparing Amazon SP-API cutovers.

Does the tool execute code?

No. It uses static analysis and sample validators only.

What should I do after a free scan?

Review the evidence, inspect the sample report format and unlock the detailed report if the findings are actionable.

Official sources

Internal migration links

Validate Sample SARIF output in your source

Run a static scan, review the sample report shape, then unlock the detailed migration report when the evidence is useful.

Recommended next action