{"id":31770016,"url":"https://github.com/jfrog/jfrog-apps-config","last_synced_at":"2025-10-10T02:56:25.121Z","repository":{"id":192515652,"uuid":"686654494","full_name":"jfrog/jfrog-apps-config","owner":"jfrog","description":"The configuration file allows you to refine your JFrog Advanced Security scans behavior according to your specific project needs and structures, leading to better and more accurate scan results.","archived":false,"fork":false,"pushed_at":"2023-09-07T14:14:43.000Z","size":16,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":6,"default_branch":"main","last_synced_at":"2024-08-18T09:39:35.342Z","etag":null,"topics":["frogbot","jas","jfrog","jfrog-advanced-security","jfrog-artifactory","jfrog-cli","jfrog-idea-plugin","jfrog-vscode-extension","jfrog-xray"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jfrog.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-03T14:12:25.000Z","updated_at":"2024-08-18T07:35:00.000Z","dependencies_parsed_at":null,"dependency_job_id":"678f690d-9999-4b11-9883-2b25ecdbdf26","html_url":"https://github.com/jfrog/jfrog-apps-config","commit_stats":null,"previous_names":["jfrog/jfrog-apps-config"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/jfrog/jfrog-apps-config","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2Fjfrog-apps-config","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2Fjfrog-apps-config/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2Fjfrog-apps-config/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2Fjfrog-apps-config/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jfrog","download_url":"https://codeload.github.com/jfrog/jfrog-apps-config/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jfrog%2Fjfrog-apps-config/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279002512,"owners_count":26083403,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-10T02:00:06.843Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["frogbot","jas","jfrog","jfrog-advanced-security","jfrog-artifactory","jfrog-cli","jfrog-idea-plugin","jfrog-vscode-extension","jfrog-xray"],"created_at":"2025-10-10T02:56:20.790Z","updated_at":"2025-10-10T02:56:25.114Z","avatar_url":"https://github.com/jfrog.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# JFrog Applications Config\n\nThe JFrog Applications Config schema is used to define the configuration schema used by some for the JFrog applications, such as JFrog CLI, JFrog Frogbot and the JFrog IDE integrations. This configuration schema is used to define the rules and settings for the JFrog source code scanning tools.\n\nBy consolidating the relevant settings, rules and policies into a single file, developers and security teams can easily manage and update scanning configurations, ensuring consistent and effective code analysis.\n\n## Project status\n\n[![Scanned by Frogbot](https://raw.github.com/jfrog/frogbot/master/images/frogbot-badge.svg)](https://github.com/jfrog/frogbot#readme)\n[![Test](https://github.com/jfrog/jfrog-apps-config/actions/workflows/test.yml/badge.svg)](https://github.com/jfrog/jfrog-apps-config/actions/workflows/test.yml)\n[![Static Analysis](https://github.com/jfrog/jfrog-apps-config/actions/workflows/analysis.yml/badge.svg)](https://github.com/jfrog/jfrog-apps-config/actions/workflows/analysis.yml)\n\n## Schema:\n\n```yaml\n# [Required] JFrog Applications Config version\nversion: \"1.0\"\n\nmodules:\n  # [Required] Module name\n  - name: FrogLeapApp\n    # [Optional, default: \".\"] Application's root directory\n    source_root: \"src\"\n    # [Optional] Directories to exclude from scanning across all scanners\n    exclude_patterns:\n      - \"docs/\"\n    # [Optional] Scanners to exclude from JFrog Advanced Security (Options: \"secrets\", \"sast\", \"iac\")\n    exclude_scanners:\n      - secrets\n    # [Optional] Customize scanner configurations\n    scanners:\n      # [Optional] Configuration for Static Application Security Testing (SAST)\n      sast:\n        # [Optional] Specify the programming language for SAST\n        language: java\n        # [Optional] Working directories specific to SAST (Relative to source_root)\n        working_dirs:\n          - \"dir1\"\n          - \"dir2\"\n        # [Optional] Additional exclude patterns for this scanner\n        exclude_patterns:\n          - \"dir1/test/**\"\n        # [Optional] List of specific scan rules to exclude from the scan\n        excluded_rules:\n          - xss-injection\n\n      # [Optional] Configuration for secrets scan\n      secrets:\n        # [Optional] Working directories specific to the secret scanner (Relative to source_root)\n        working_dirs:\n          - \"dir1\"\n          - \"dir2\"\n        # [Optional] Additional exclude patterns for this scanner\n        exclude_patterns:\n          - \"dir1/test/**\"\n\n      # [Optional] Configuration for Infrastructure as Code scan (IaC)\n      iac:\n        # [Optional] Working directories specific to IaC (Relative to source_root)\n        working_dirs:\n          - \"dir1\"\n          - \"dir2\"\n        # [Optional] Additional exclude patterns for this Scanner\n        exclude_patterns:\n          - \"dir1/test/**\"\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjfrog%2Fjfrog-apps-config","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjfrog%2Fjfrog-apps-config","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjfrog%2Fjfrog-apps-config/lists"}