Advanced SAST support for PHP
And finally from the static analysis group, they will be working to expand language coverage for Advanced SAST for PHP, one of the top used languages by our customers. Advanced SAST offers cross-file/cross-function analysis which allows for the accurate detection of vulnerabilities that have a sink and source that span multiple files within a code base.
## Motivation
> [GitLab Advanced SAST](https://docs.gitlab.com/ee/user/application_security/sast/gitlab_advanced_sast.html) provides cross-file, cross-function scanning, including a more powerful engine and matching detection rules. Enabling these capabilities will improve SAST result quality for customers.
See [parent epic motivation](https://gitlab.com/groups/gitlab-org/-/epics/14312#motivation).
## Requirements for each language
> We need to deliver each language as an end-to-end capability, meaning:
> - The engine must support cross-file, cross-function scanning for that language.
> - We must distribute a ruleset that takes advantage of cross-file, cross-function capabilities. (This ruleset should still include rules that don't need to track dataflow, but we can't really say that we offer cross-file/cross-function scanning if no rules are using it.)
See [parent epic requirements](https://gitlab.com/groups/gitlab-org/-/epics/14312#requirements-for-each-language).
epic