OWASP-Benchmark / BenchmarkUtils

OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.
https://owasp.org/www-project-benchmark/
GNU General Public License v3.0

Add reader and tests for SAST Precaution #69

Closed ericwb closed 2 months ago

ericwb commented 2 months ago

This change adds Precaution to the list of supported SASTs. Precaution can render its output as SARIF, so it extends the SarifReader.

Included are a test case and example SARIF output file as a result of scanning BenchmarkTest00073.java in BenchmarkJava.

https://github.com/securesauce/precli

davewichers commented 2 months ago

@darkspirit510 - Can you please review this PR? Also, can you scan the entire Benchmark with this tool and send @darkspirit510 a copy of all the results directly?

darkspirit510 commented 2 months ago

Thank you for the PR. It looks good to me! I wonder why the check fails in the GitHub action.