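---
# Reusable Semgrep static-analysis job template.
# The leading dot makes this a hidden GitLab CI job: it never runs on its
# own and is meant to be pulled into a concrete job with
# `extends: .static-analysis`.
.static-analysis:
  variables:
    # Quoted on purpose: a bare `off` is read as boolean false by YAML 1.1
    # loaders, and the variable has to reach Semgrep as the string "off".
    SEMGREP_SEND_METRICS: "off"
    # NOTE(review): presumably the per-rule, per-file timeout in seconds
    # (the env form of --timeout) - confirm. 900 is generous; a single
    # pathological file can hold a runner for a long time.
    SEMGREP_TIMEOUT: "900"
  image:
    # Pinned to a release tag, which is still mutable on the registry.
    # For supply-chain integrity, pin by digest as well, e.g.
    # returntocorp/semgrep:1.74.0@sha256:<DIGEST_PLACEHOLDER>
    name: returntocorp/semgrep:1.74.0
    # Empty entrypoint so the runner starts a shell and executes `script`
    # instead of the image's default entrypoint.
    entrypoint: [""]
  script:
    # Record the scanner version in the job log for auditability.
    - semgrep --disable-version-check --version
    # Main scan (folded scalar: the lines below become one command line,
    # so no comments may be placed inside it).
    # * --error makes the job fail when there are findings.
    # * Only ERROR and WARNING findings are reported; INFO is dropped.
    # * The excluded trees (test/, tests/, vendor/, ...) are skipped by
    #   every pack, including p/secrets, so credentials committed in
    #   fixtures or vendored code are NOT flagged by this job. Cover them
    #   with a separate scan if that matters.
    # * The p/... packs are resolved from the Semgrep Registry when the
    #   job runs: the runner needs outbound access, and rule content is
    #   not version-pinned, so findings can change between runs without
    #   any change to this file.
    # * The target path is quoted so a checkout directory containing
    #   spaces is passed as one argument.
    - >-
      semgrep
      --error
      --disable-version-check
      --metrics="off"
      --severity="ERROR"
      --severity="WARNING"
      --exclude=".git/"
      --exclude="build/"
      --exclude="dist/"
      --exclude="node_modules/"
      --exclude="test/"
      --exclude="tests/"
      --exclude="vendor/"
      --config="p/ci"
      --config="p/command-injection"
      --config="p/headless-browser"
      --config="p/insecure-transport"
      --config="p/jwt"
      --config="p/mobsfscan"
      --config="p/owasp-top-ten"
      --config="p/r2c"
      --config="p/r2c-bug-scan"
      --config="p/r2c-ci"
      --config="p/r2c-security-audit"
      --config="p/secrets"
      --config="p/security-audit"
      --config="p/sql-injection"
      --config="p/trailofbits"
      --config="p/xss"
      --config="p/java"
      --config="p/react"
      --config="p/golang"
      --config="p/kotlin"
      --config="p/nodejs"
      --config="p/python"
      --config="p/expressjs"
      --config="p/nodejsscan"
      --config="p/typescript"
      --config="p/javascript"
      --config="p/clientside-js"
      --config="p/eslint-plugin-security"
      "$(pwd)"
  # Runner selection: only runners carrying both tags pick this job up.
  tags:
    - miquido
    - docker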