starlarky
initial config addition for Semgrep SAST and Dependency scans
Fixes SECENG-222
Description of changes in release / Impact of release:
Adding configuration for Semgrep Code (SAST) and SCA (dependency vulnerability scanning). The jobs provided perform scans of PRs and also a scheduled scan. Required for PCI DSS 6.
Documentation
(insert text here)
Risks of this release
Is this a breaking change?
- [ ] Yes
- [X] No
If you answered Yes then describe why is it so
(insert text here if applicable)
Is there a way to disable the change?
- [ ] Use previous release
- [ ] Use a feature flag
- [X] No
Additional details go here
(insert text here if applicable)