ast-sast-export

command module

v1.5.0 Latest Latest Go to latest Published: May 6, 2024 License: Apache-2.0 Imports: 1 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/checkmarxDev/ast-sast-export

Links

Open Source Insights

README ¶

SAST to AST Export

SAST to AST Export is a standalone Checkmarx tool.
Explore the docs »

Report Bug · Request Feature

SAST to AST Export

Exports SAST triaged results for importing in AST.

Description

Fetches SAST triaged results and exports as an encrypted package, which can then be imported in AST.

Getting Started

Prerequisites

Microsoft Windows x64.

SAST v9.3 or higher.

Installation

Download the latest version and extract the package contents
Create export user in SAST
- Assign the following permissions:
  1. Sast > API > Use Odata
  2. Sast > Reports > Generate Scan Report
  3. Sast > Scan Results > View Results
  4. Access Control > General > Manage Authentication Providers
  5. Access Control > General > Manage Roles
Please refer to Wiki for more details

Execution

Run export with:

.\cxsast_exporter --user username --pass password --url http://localhost

Replace username and password with user credentials.
Replace http://localhost with the url to SAST, if necessary.

Additional Documentation

Refer to the project Wiki for additional information

Similarity Calculator

The exporter relies on a Windows binary for similarity calculation. This is internally built by Checkmarx and provided in the external folder for inclusion with the build.

Contributing

We appreciate feedback and contribution to this repo! Before you get started, please see the following:

License

Distributed under the Apache 2.0. See LICENSE for more information.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cmd
internal
app/astquery
app/common
app/encryption
app/export
app/interfaces
app/logging
app/metadata
app/permissions
app/preset
app/querymapping
app/report
app/resultsmapping
app/worker
integration/common
integration/rest
integration/similarity
integration/soap
persistence/installation
persistence/methodline
persistence/preset
persistence/queries
persistence/sourcefile
pkg
aesctr aesctr Credits: https://github.com/Xeoncross/go-aesctr-with-hmac	aesctr Credits: https://github.com/Xeoncross/go-aesctr-with-hmac
sliceutils
test
mocks/app/ast_query Code generated by MockGen.	Code generated by MockGen.
mocks/app/ast_query_id Code generated by MockGen.	Code generated by MockGen.
mocks/app/ast_query_mapping Code generated by MockGen.	Code generated by MockGen.
mocks/app/export Code generated by MockGen.	Code generated by MockGen.
mocks/app/installation Code generated by MockGen.	Code generated by MockGen.
mocks/app/metadata Code generated by MockGen.	Code generated by MockGen.
mocks/app/method_line Code generated by MockGen.	Code generated by MockGen.
mocks/app/preset Code generated by MockGen.	Code generated by MockGen.
mocks/app/queries Code generated by MockGen.	Code generated by MockGen.
mocks/app/source_file Code generated by MockGen.	Code generated by MockGen.
mocks/integration/rest Code generated by MockGen.	Code generated by MockGen.
mocks/integration/similarity Code generated by MockGen.	Code generated by MockGen.
mocks/integration/soap Code generated by MockGen.	Code generated by MockGen.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL