AniNIX/Maat
AniNIX/Maat
3
0
Fork 0
Code Issues 4 Pull Requests 1 Releases Wiki Activity

Add SAST/DAST into the testing pipeline #5

New Issue
Open
opened 2023-02-22 22:17:42 -06:00 by DarkFeather · 1 comment
DarkFeather commented 2023-02-22 22:17:42 -06:00
Owner
Copy Link

We should add SAST as part of a universal testing framework on all packages prior to delivery. semgrep is a freeware option already in the AUR.

We should also consider adding some kind of DAST pipeline with ossf/package-analysis, though this will require including a Docker environment for testing.

SAST should get implemented first, and then DAST can follow.

We should add SAST as part of a universal testing framework on all packages prior to delivery. [semgrep](https://aur.archlinux.org/packages/semgrep-bin) is a freeware option already in the AUR. We should also consider adding some kind of DAST pipeline with [ossf/package-analysis](https://github.com/ossf/package-analysis), though this will require including a Docker environment for testing. SAST should get implemented first, and then DAST can follow.
DarkFeather commented 2023-11-09 13:24:52 -06:00
Author
Owner
Copy Link

This replaces AniNIX/Wiki#4.

Potential tools:

This replaces AniNIX/Wiki#4. Potential tools: * [Bandit](https://pypi.org/project/bandit/) for SAST * [Zed Attack Proxy](https://www.zaproxy.org/) for DAST * [DefectDojo](https://github.com/DefectDojo/django-DefectDojo)
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels   
Blocked

There are functional or technical reasons this can't be implemented yet

  
Duplicate

Another issue or PR already describes this issue

  
On-hold

Evaluated but not enough resources to complete now

  
Peer-review

Being reviewed for quality prior to merge

  
RFC

More information and feedback is needed

  
Wontfix

Not a bug -- way it works

  
Blocked

There are functional or technical reasons this can't be implemented yet

  
Duplicate

Another issue or PR already describes this issue

  
In-progress

Being worked.

  
On-hold

Evaluated but not enough resources to complete now

  
Peer-review

Being reviewed for quality prior to merge

  
RFC

More information and feedback is needed

  
Wontfix

Not a bug -- way it works

No Label
Blocked
Duplicate
On-hold
Peer-review
RFC
Wontfix
Blocked
Duplicate
In-progress
On-hold
Peer-review
RFC
Wontfix
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: AniNIX/Maat#5
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?