SAST
We're using semgrep to do static application security testing (SAST).
SAST Docker image
There's a SAST Docker image which we're using for the tests.
The Docker image can be used to run semgrep with the official registry rules as well as with our custom SAST rules.
SAST rules
The image also includes custom SAST rules, which we're maintaining.
Hint
Read the Writing rules chapter of the official documentation to maintain our custom rules.
SAST CI file
While semgrep is a Python utility, it can be used to test many different languages.
Thus we've created a dedicated shared sast CI file, which can be included in all the projects requiring SAST.