S

SAST

GitLab's semgrep container image augmented with hundreds of additional Node.js/JavaScript/Typescript and Go rules from Semgrep's rule repository.

Static Application Security Testing (SAST) checks your source code for known vulnerabilities.

GitLab Analyzer for Infrastructure as Code (IaC) projects that calls kics. This analyzer is written in Go using the command library shared by all analyzers.

Go package for implementing shared vulnerability structs for secure analyzers

SAST Analyzer for detecting leaked secrets

SAST Analyzer for Kubernetes manifests based on kubesec

SAST Analyzer for Phoenix Elixir projects based on sobelow

SAST Analyzer based on Semgrep

Test project with: Language: Scala - Package Manager: Sbt

Components for running Puma Scan in GitLab CI/CD pipelines.

Convert from SARIF to GitLab Code Quality and SAST report.

SAST Analyzer for Salesforce Apex projects based on pmd

Rule Repository for GitLab SAST

Test project with: Language: Java - Package Manager: Maven

Go packages to implement analyzers

AI-powered security scanner that finds vulnerabilities and provides one-click fixes directly in GitLab merge requests. A reusable CI/CD Catalog component built with Google Cloud Vertex AI.

Project Description gerdmate-infra is the infrastructure codebase for the GERDmate platform – a modern digital health solution focused on monitoring and managing Gastroesophageal Reflux Disease (GERD) using AI and wearable data.

This repository contains all the necessary Infrastructure-as-Code (IaC) configurations, CI/CD pipeline definitions, security integrations, and observability tooling to support the deployment and scaling of GERDmate services across cloud environments.

SAST Analyzer based on SpotBugs and Find Sec Bugs.

Go package for implementing shared vulnerability command interface for secure analyzers

A post-processor for computing the scope+offset fingerprint.