AniNIX/Maat
3
0
Fork 0
Code Issues 4 Pull Requests 1 Releases Wiki Activity

Add SAST/DAST into the testing pipeline #5

New Issue
Open
opened 2023-02-22 22:17:42 -06:00 by DarkFeather · 1 comment
DarkFeather commented 2023-02-22 22:17:42 -06:00
Owner
Copy Link

We should add SAST as part of a universal testing framework on all packages prior to delivery. semgrep is a freeware option already in the AUR.

We should also consider adding some kind of DAST pipeline with ossf/package-analysis, though this will require including a Docker environment for testing.

SAST should get implemented first, and then DAST can follow.

We should add SAST as part of a universal testing framework on all packages prior to delivery. [semgrep](https://aur.archlinux.org/packages/semgrep-bin) is a freeware option already in the AUR. We should also consider adding some kind of DAST pipeline with [ossf/package-analysis](https://github.com/ossf/package-analysis), though this will require including a Docker environment for testing. SAST should get implemented first, and then DAST can follow.
DarkFeather commented 2023-11-09 13:24:52 -06:00
Author
Owner
Copy Link

This replaces AniNIX/Wiki#4.

Potential tools:

This replaces AniNIX/Wiki#4. Potential tools: * [Bandit](https://pypi.org/project/bandit/) for SAST * [Zed Attack Proxy](https://www.zaproxy.org/) for DAST * [DefectDojo](https://github.com/DefectDojo/django-DefectDojo)
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Blocked
There are functional or technical reasons this can't be implemented yet
Duplicate
Another issue or PR already describes this issue
On-hold
Evaluated but not enough resources to complete now
Peer-review
Being reviewed for quality prior to merge
RFC
More information and feedback is needed
Wontfix
Not a bug -- way it works
Blocked
There are functional or technical reasons this can't be implemented yet
Duplicate
Another issue or PR already describes this issue
In-progress
Being worked.
On-hold
Evaluated but not enough resources to complete now
Peer-review
Being reviewed for quality prior to merge
RFC
More information and feedback is needed
Wontfix
Not a bug -- way it works
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
DarkFeather jml project2501
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: AniNIX/Maat#5
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?