ShiftLeftSecurity / sast-scan

Scan is a free and open source DevSecOps tool for performing static-analysis-based security testing of your applications and their dependencies. CI and Git friendly.
https://discord.gg/DCNxzaeUpd
Apache License 2.0

Feature: convert only mode for scan #312

Open prabhu opened 3 years ago

prabhu commented 3 years ago

Some users of scan also have other tools that can output in JSON format. They would benefit from the automatic SARIF conversion performed by this tool.

The idea is that the user can dump all such JSON in the same reports directory. Then, by optionally passing a flag `--convert-only`, users can skip any new scans, forcing just a SARIF conversion.
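
An added example of the convert-only flow this issue proposes; it is not code from sast-scan or from the issue author. The input schema (`tool`, `findings`, `rule_id`, `severity`, `message`, `file`, `line`), the severity mapping and the function names are assumptions made for illustration; only the SARIF 2.1.0 output structure follows the standard.

```python
import json
from pathlib import Path

# Assumed mapping from a hypothetical tool's severity labels to SARIF levels.
LEVELS = {"critical": "error", "high": "error", "medium": "warning", "low": "note"}
# Constructed sample report; this input schema is an assumption, not a scan format.
SAMPLE = {"tool": "example-linter", "findings": [
    {"rule_id": "EX001", "severity": "High", "message": "Hardcoded password",
     "file": "app/settings.py", "line": 12}]}


def to_sarif(tool_name, findings):
    """Build a minimal SARIF 2.1.0 log from a list of finding dicts."""
    rules, results = {}, []
    for f in findings:
        rules.setdefault(f["rule_id"], {"id": f["rule_id"]})
        results.append({
            "ruleId": f["rule_id"],
            "level": LEVELS.get(str(f.get("severity", "")).lower(), "warning"),
            "message": {"text": f["message"]},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": f["file"]},
                "region": {"startLine": max(1, int(f.get("line", 1)))}}}],
        })
    driver = {"name": tool_name, "rules": list(rules.values())}
    return {"$schema": "https://json.schemastore.org/sarif-2.1.0.json",
            "version": "2.1.0",
            "runs": [{"tool": {"driver": driver}, "results": results}]}


def convert_only(reports_dir):
    """Convert each *.json report in reports_dir to *.sarif without scanning."""
    written = []
    for src in sorted(Path(reports_dir).glob("*.json")):
        try:
            data = json.loads(src.read_text(encoding="utf-8"))
            sarif = to_sarif(data["tool"], data["findings"])
        except (ValueError, KeyError, TypeError) as exc:
            print(f"skipping {src.name}: {exc}")  # malformed or unknown format
            continue
        dst = src.with_suffix(".sarif")
        dst.write_text(json.dumps(sarif, indent=2), encoding="utf-8")
        written.append(dst)
    return written
```

Reports that fail to parse or lack the expected keys are skipped rather than aborting the run, so one malformed file in the shared reports directory does not block conversion of the rest.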