sast

Run a static application security test (SAST)

Synopsis

Run a static application security test using the configured SAST tool.

This command executes the configured SAST scanner (semgrep) against the project path provided via flags or configuration, obfuscates sensitive snippets, and uploads the SARIF results to DevGuard. The request is signed using the configured token before upload.

You may pass the target as the first positional argument instead of using --path.
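The snippet-obfuscation step described above can be illustrated on a SARIF report, as an added example that is not DevGuard's own code. The masking rule (every non-whitespace character becomes `*`) and the helper names are assumptions made for illustration, and the sample report is constructed.

```python
import copy
import json

MASK = "*"  # assumed masking character, not taken from DevGuard

def mask_text(text: str) -> str:
    """Replace every non-whitespace character, keeping line layout intact."""
    return "".join(ch if ch.isspace() else MASK for ch in text)

def _snippets(sarif: dict):
    """Yield every snippet object under runs[].results[].locations[]."""
    for run in sarif.get("runs", []):
        for result in run.get("results", []):
            for loc in result.get("locations", []):
                phys = loc.get("physicalLocation", {})
                for key in ("region", "contextRegion"):
                    snippet = phys.get(key, {}).get("snippet")
                    if snippet and "text" in snippet:
                        yield snippet

def obfuscate_sarif(sarif: dict) -> dict:
    """Return a copy of the report with all snippet text masked."""
    redacted = copy.deepcopy(sarif)
    for snippet in _snippets(redacted):
        snippet["text"] = mask_text(snippet["text"])
    return redacted

def unmasked_snippets(sarif: dict) -> list:
    """Pre-upload check: snippet texts that still contain source characters."""
    return [s["text"] for s in _snippets(sarif)
            if any(not ch.isspace() and ch != MASK for ch in s["text"])]

# Constructed sample report (not real scanner output).
SAMPLE = {
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "semgrep"}},
        "results": [{
            "ruleId": "example.hardcoded-credential",
            "message": {"text": "Hardcoded credential"},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": "app/config.py"},
                "region": {"startLine": 12,
                           "snippet": {"text": "API_KEY = \"constructed-value\"\n"}},
            }}],
        }],
    }],
}

if __name__ == "__main__":
    print(json.dumps(obfuscate_sarif(SAMPLE), indent=2))
```

Rule IDs, file paths and line numbers stay intact, so findings remain actionable after the source text is masked.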

Examples

Options

Options inherited from parent commands
