mintel / build-harness

🤖 Collection of Makefiles to facilitate building Python/Golang projects, Dockerfiles, and more
Apache License 2.0
2 stars, 6 forks

Add sast-scanner #43

Open nabadger opened 4 years ago

nabadger commented 4 years ago

See:

We're starting to integrate SAST into gitlab-ci pipelines, but we should also be able to run it locally.

charlieparkes commented 4 years ago

This would be great! Is it converting a gitlab specific report or is it generated by a specific tool we could run ourselves too?

nabadger commented 4 years ago

We can run the tool - it will just analyze the code and generate a JUnit XML output report - it would probably work with the Jenkins JUnit Plugin too!

Example XML: https://gitlab.com/mintel/appsec/sastconvertor/-/blob/master/testdata/out-report-2.xml
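The conversion being discussed above (a scanner's GitLab SAST report turned into JUnit XML that the Jenkins JUnit Plugin or GitLab's `artifacts: reports: junit:` can ingest) as an added, self-contained example. This is not the sastconvertor tool from the linked repository and not part of build-harness; it assumes GitLab's documented SAST report layout (a top-level `vulnerabilities` list whose entries carry `name`, `message`, `severity`, `scanner`, `location` and `identifiers`), and the embedded sample report is constructed, not the output of a real scan. The function names (`load_findings`, `to_junit`, `convert`, `should_fail`) and the `fail_on` threshold are this example's own choices.

```python
"""Convert a GitLab SAST JSON report into JUnit XML (added example, not sastconvertor)."""
import json
import sys
import xml.etree.ElementTree as ET
from typing import Any, Dict, List

# Severity ranking for the CI gate; these are GitLab's documented severity levels.
SEVERITY_RANK = {"Critical": 5, "High": 4, "Medium": 3, "Low": 2, "Info": 1, "Unknown": 0}

# Constructed sample in the GitLab SAST report layout (not a real scan result).
SAMPLE_REPORT = json.dumps({
    "version": "14.0.0",
    "vulnerabilities": [
        {
            "id": "f1", "category": "sast",
            "name": "Use of insecure MD5 hash function",
            "message": "Use of insecure MD5 hash function",
            "severity": "Medium",
            "scanner": {"id": "bandit", "name": "Bandit"},
            "location": {"file": "app/auth.py", "start_line": 12, "end_line": 12},
            "identifiers": [{"type": "bandit_test_id", "name": "B303", "value": "B303"}],
        },
        {
            "id": "f2", "category": "sast",
            "name": "Possible SQL injection via string formatting",
            "message": "Possible SQL injection via string formatting",
            "severity": "High",
            "scanner": {"id": "bandit", "name": "Bandit"},
            "location": {"file": "app/db.py", "start_line": 40, "end_line": 41},
            "identifiers": [{"type": "bandit_test_id", "name": "B608", "value": "B608"}],
        },
    ],
})


def load_findings(report_text: str) -> List[Dict[str, Any]]:
    """Parse the report text and return its vulnerability list (empty if absent)."""
    data = json.loads(report_text)
    findings = data.get("vulnerabilities", [])
    if not isinstance(findings, list):
        raise ValueError("'vulnerabilities' must be a list")
    return findings


def _location(finding: Dict[str, Any]) -> str:
    """Render location as file:line so each testcase names the exact spot."""
    loc = finding.get("location", {})
    path = loc.get("file", "<unknown>")
    start = loc.get("start_line")
    return f"{path}:{start}" if start is not None else path


def to_junit(findings: List[Dict[str, Any]], suite_name: str = "sast") -> ET.Element:
    """Build a <testsuites> tree with one failing <testcase> per finding.

    An empty report still gets one passing testcase: the Jenkins JUnit plugin
    treats a result set with zero tests as an error unless told otherwise.
    """
    suites = ET.Element("testsuites")
    suite = ET.SubElement(suites, "testsuite", name=suite_name,
                          tests=str(max(len(findings), 1)),
                          failures=str(len(findings)))
    if not findings:
        ET.SubElement(suite, "testcase", classname=suite_name, name="no findings")
        return suites
    for f in findings:
        severity = f.get("severity", "Unknown")
        scanner = f.get("scanner", {}).get("id", "unknown")
        ids = ",".join(i.get("value", "") for i in f.get("identifiers", []))
        case = ET.SubElement(suite, "testcase",
                             classname=f"{scanner}.{severity}",
                             name=f"{_location(f)} {f.get('name', 'finding')}")
        failure = ET.SubElement(case, "failure",
                                message=f.get("message", f.get("name", "")),
                                type=severity)
        failure.text = f"{ids}\n{f.get('description', '')}".strip()
    return suites


def convert(report_text: str, suite_name: str = "sast") -> str:
    """Whole pipeline: report JSON in, JUnit XML document out."""
    tree = to_junit(load_findings(report_text), suite_name)
    return '<?xml version="1.0" encoding="UTF-8"?>\n' + ET.tostring(tree, encoding="unicode")


def should_fail(findings: List[Dict[str, Any]], fail_on: str = "High") -> bool:
    """CI gate: True if any finding is at or above the fail_on severity."""
    threshold = SEVERITY_RANK[fail_on]
    return any(SEVERITY_RANK.get(f.get("severity", "Unknown"), 0) >= threshold
               for f in findings)


if __name__ == "__main__":
    # Read a real report from stdin; fall back to the constructed sample when run interactively.
    text = SAMPLE_REPORT if sys.stdin.isatty() else sys.stdin.read()
    found = load_findings(text)
    print(convert(text))
    sys.exit(1 if should_fail(found) else 0)
```

In a Makefile target this would sit between the scanner and the CI system: run the scanner, pipe its JSON report through the script, redirect the XML to a file the JUnit plugin (or `artifacts: reports: junit:`) picks up, and let the script's exit status gate the job. Keeping the gate (`should_fail`) separate from the report (`to_junit`) means every finding is still visible in the test report even when only High and above break the build.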