Semgrep to HTML Report

prospector

pip3 install prospector
pip3 install prospector2html
cd <python-project-sources-dir>
prospector --no-style-warnings --strictness medium --output-format json > prospector_report.json
prospector-html --input prospector_report.json
cat prospector-html-report.html

semgrep

pip3 install prospector2html
cd <project-sources-dir>
docker run --rm -v "${PWD}:/src" returntocorp/semgrep:latest semgrep scan --json --output semgrep-native-report.json --config=auto
prospector-html --input semgrep-native-report --output filtered-report.html --filter semgrep
cat filtered-report.html

GitLab CI SAST

pip3 install prospector2html
cd <project-sources-dir>
docker run --rm -v "${PWD}:/src" returntocorp/semgrep:latest semgrep ci --gitlab-sast --output gl-sast-report.json --config=auto
prospector-html --input gl-sast-report.json --output filtered-report.json --json --filter gitlab-sast
cat filtered-report.json

PreviousSemgrep NextCloud Security

Last updated 1 year ago