https://github.com/oelmekki/sasty
ncurses interface to read Gitlab's SAST reports
gitlab gitlab-ci sast
Last synced: 17 days ago
- Host: GitHub
- URL: https://github.com/oelmekki/sasty
- Owner: oelmekki
- License: gpl-3.0
- Created: 2023-07-01T16:22:57.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2023-11-08T15:17:40.000Z (about 1 year ago)
- Last Synced: 2023-11-08T16:30:47.101Z (about 1 year ago)
- Topics: gitlab, gitlab-ci, sast
- Language: C
- Homepage:
- Size: 258 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Sasty
Sasty is an ncurses interface to read [Gitlab's SAST reports](https://docs.gitlab.com/ee/user/application_security/index.html#view-security-scan-information-in-merge-requests).
![Screenshot](./screenshot.png)
Sasty supports the following static analyzers on Gitlab CI:
* Semgrep
* Flawfinder

> Note for Github users: development is happening
> on [Gitlab](https://gitlab.com/oelmekki/sasty), please submit any issue
> or merge request there.

## Dependencies
Sasty depends on:
* **gcc** (gentoo: sys-devel/gcc, debian/ubuntu: gcc)
  * Note that you can use another compiler with the `CC` variable.
* **make** (gentoo: sys-devel/make, debian/ubuntu: make)
* **pkg-config** (gentoo: dev-util/pkgconf, debian/ubuntu: pkg-config)
* **ncurses** (gentoo: sys-libs/ncurses, debian/ubuntu: libncursesw5-dev)
* **json-c** (gentoo: dev-libs/json-c, debian/ubuntu: libjson-c-dev)

## Installation
```
make # build with gcc
# make CC=clang # build with clang instead
sudo make install # will install in /usr/local/bin
# make install PREFIX=~/ # will install instead in ~/bin
```

## Usage
```
sasty [-h|--help]

Brings a ncurses interface to inspect Gitlab's SAST reports.
You must provide a path to a downloaded JSON report.
If you execute sasty within the analyzed codebase's directory,
you will see snippets of the code related to each report. You
must be at the root of that directory for this to happen.
```

## Compatibility?
Note that it's the first time I publish an ncurses program, so I have no
clue if this will be cross-platform. If it doesn't build on your platform,
please let me know in the [issues](https://gitlab.com/oelmekki/sasty/-/issues).