Run a SAST scan
To run a SAST scan on a project, run the following command:

```
endorctl scan --sast -n <project namespace>
```

You can run the `endorctl scan --sast` command with the following options.
Option | Description |
---|---|
`-n`, `--namespace` | Namespace of the project with which you are working. Mandatory. |
`--include-path` | Limit the scan to the specified file paths or directories using Glob style expressions. For example, `--include-path="src/java/**"` scans all the files under `src/java`, including any subdirectories, while `--include-path="src/java/*"` only includes the files directly under `src/java`. Paths must be relative to the root of the repository. Use quotes to ensure that your shell does not expand wildcards. |
`--exclude-path` | Exclude one or more file paths or directories using Glob style expressions. The patterns are written the same way as for `--include-path`: for example, `--include-path="src/java/**"` scans all the files under `src/java`, including any subdirectories, while `--include-path="src/java/*"` only includes the files directly under `src/java`. Paths must be relative to the root of the repository. Use quotes to ensure that your shell does not expand wildcards. |
`--disable-code-snippet-storage` | Disables storing the code snippet that violates the SAST policy. |
`--path` | The path on which to run the scan. |
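
To preview which files a pattern would select before scoping a scan, the Glob behaviour described in the table can be modelled locally. This is an added example, not endorctl's own matcher: `glob_to_regex`, `select_paths` and the file list are hypothetical, and it assumes that `**/` also matches zero directories and that an exclude pattern overrides an include pattern.

```python
import re


def glob_to_regex(pattern):
    """Translate a repository-relative glob into an anchored regex.

    '*' and '?' stay inside one path segment; '**' crosses directories.
    """
    out, i = [], 0
    while i < len(pattern):
        if pattern.startswith("**/", i):
            out.append(r"(?:.*/)?")  # assumption: zero or more directories
            i += 3
        elif pattern.startswith("**", i):
            out.append(r".*")        # any depth, including subdirectories
            i += 2
        elif pattern[i] == "*":
            out.append(r"[^/]*")     # never crosses a '/'
            i += 1
        elif pattern[i] == "?":
            out.append(r"[^/]")
            i += 1
        else:
            out.append(re.escape(pattern[i]))
            i += 1
    return re.compile("".join(out) + r"\Z")


def select_paths(paths, include=(), exclude=()):
    """Return the paths kept after include patterns, then exclude patterns."""
    inc = [glob_to_regex(p) for p in include]
    exc = [glob_to_regex(p) for p in exclude]
    selected = []
    for path in paths:
        if inc and not any(r.match(path) for r in inc):
            continue  # outside every include pattern
        if any(r.match(path) for r in exc):
            continue  # assumption: exclusion wins over inclusion
        selected.append(path)
    return selected


# Constructed repository listing, relative to the repository root.
REPO_FILES = [
    "src/java/App.java",
    "src/java/auth/Login.java",
    "src/java/auth/test/LoginTest.java",
    "src/python/tool.py",
    "README.md",
]
```

Comparing `select_paths(REPO_FILES, include=["src/java/*"])` with the `src/java/**` form shows how much code a single-star pattern leaves outside the scan.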