Bring SAST to Core - Flawfinder
Full requirements listing in &2073 (closed)
Scope of this issue specifically
Flawfinder security plugin scanning, when Docker-in-Docker is disabled - SAST_DISABLED_DIND = true
Plan
Implementation Plan
- Update SAST vendored template
  - Remove check for /sast/ in features for the brakeman analyzers for the DIND-free version.
- Update license for the repository from EE License to MIT Expat
- Minor Version Bump
Test Plan
- Test analyzers as a core user
  - Verify Capability table from Epic
- Test analyzers as an ultimate user
  - Verify Capability table from Epic
- Ensure support for downloading artifact
Edited by Zach Rice