[Integrates] Fixes
Problem to solve
We have a custom and suggested fix feature that does not support all the languages supported on SAST.
Intended users
Fixes users.
Permissions and Security
N/A
Proposal
Fixes are supported for every language that SAST supports
Test plan
Steps
Language | Extension(s) | Suggested Fix | Custom fix |
---|---|---|---|
Android | .apk | ||
Bash | .sh | X | |
C# | .cs | X | X |
Cloudformation | .yaml, .yml, .json | ||
Configuration files | .json | ||
Dart | .dart | X | X |
Docker | Dockerfile | X | X |
DockerCompose | .yaml | X | |
Go | .go | X | X |
HTML | .html | ||
Java | .java | X | X |
Javascript | .js, .jsx | X | X |
Kotlin | .kt | X | X |
Kubernetes | .yaml, .yml | X | X |
Python | .py | X | X |
Swift | .swift | X | X |
Typescript | .ts, .tsx | X | X |
Terraform | .tf | X |
-
Make sure that the code contributions checklist has been followed.
What does success look like, and how can we measure that?
Clients can generate fixes for every language supported by SAST.
Links / references
- https://code.visualstudio.com/docs/languages/identifiers#_known-language-identifiers
- https://github.com/orgs/vulnerable-apps/repositories?type=all
- https://github.com/juice-shop/juice-shop (TS)
- https://github.com/madhuakula/kubernetes-goat (HTML|Docker)
- https://github.com/bridgecrewio/cfngoat (Cloudformation)
- https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application (GraphQL)
- https://github.com/digininja/DVWA (PHP)
Edited by Juan Chaves