Follow-up from "Add MobSF in SAST vendor template"
The following discussion from !45291 (merged) should be addressed:
-
@theoretick started a discussion: suggestion not-blocking: it would be nice to have some negative cases for the experimental ENV too, but that can be done as a follow-up:
'iOS' | { 'a.xcodeproj/x.pbxproj' => '' } | { 'SAST_EXPERIMENTAL_FEATURES' => 'true' } | %w(mobsf-ios-sast) 'iOS' | { 'a.xcodeproj/x.pbxproj' => '' } | | %w()
Note that's just pseudocode, empty array will trigger an invalid pipeline so it'll need something slightly more complex; i.e. 2 analyzers to note the absence of mobsf
Edited by rossfuhrman