starlarky

initial config addition for Semgrep SAST and Dependency scans

Open bryant-quist-vgs opened this issue 11 months ago • 0 comments

Fixes SECENG-222

Description of changes in release / Impact of release:

Adding configuration for Semgrep Code (SAST) and SCA (dependency vulnerability scanning). The jobs provided perform scans of PRs and also a scheduled scan. Required for PCI DSS 6

Documentation

(insert text here)

Risks of this release

Is this a breaking change?

  • [ ] Yes
  • [X] No

If you answered Yes then describe why is it so

(insert text here if applicable)

Is there a way to disable the change?

  • [ ] Use previous release
  • [ ] Use a feature flag
  • [X] No

Additional details go here

(insert text here if applicable)

bryant-quist-vgs Jul 15 '23 18:07