I'm using a couple different static analysis tools, both of which produce valid SARIF files according to https://sarifweb.azurewebsites.net/Validation

The SARIF files contain issues with their level set to "note", "warning", and "error", but the output from Warnings NG after running recordIssues against the SARIF file only shows Low severity items.

I've attached a sanitized SARIF file with my file paths removed, but it's still valid per the validator above.

This is running in a pipeline, using the following recordIssues command:

recordIssues(aggregatingResults: true, skipPublishingChecks: true, blameDisabled: true, filters: [excludeFile('.*\\/test\\/.*')], tool: sarif(id: 'Security_Code_Scan', name: 'Security Code Scan', pattern: '*.sarif'))