From 0b514f28a76872913987d618c718bd8d5d809ada Mon Sep 17 00:00:00 2001 From: Alexis-Maurer Fortin Date: Wed, 21 May 2025 18:57:12 +0200 Subject: [PATCH 1/3] wip module --- .../boostsecurityio/malcontent/module.yaml | 23 +++++++++++++++++++ .../boostsecurityio/malcontent/rules.yaml | 3 +++ 2 files changed, 26 insertions(+) create mode 100644 scanners/boostsecurityio/malcontent/module.yaml create mode 100644 scanners/boostsecurityio/malcontent/rules.yaml diff --git a/scanners/boostsecurityio/malcontent/module.yaml b/scanners/boostsecurityio/malcontent/module.yaml new file mode 100644 index 00000000..057b99df --- /dev/null +++ b/scanners/boostsecurityio/malcontent/module.yaml @@ -0,0 +1,23 @@ +api_version: 1.0 + +id: boostsecurityio/malcontent +name: Malcontent +namespace: boostsecurityio/malcontent +scan_types: + - sast + +config: + support_diff_scan: true + +steps: + - scan: + command: + docker: + image: cgr.dev/chainguard/malcontent:latest + command: --format=json --min-risk=medium analyze . + workdir: /src + format: sarif + post-processor: + docker: + image: public.ecr.aws/boostsecurityio/boost-scanner-malcontent:f9648b0@sha256:38e2c536e627762253c9cb3d5e55fba77d0ed439c084e251cccb26e3008c5b73 + command: process diff --git a/scanners/boostsecurityio/malcontent/rules.yaml b/scanners/boostsecurityio/malcontent/rules.yaml new file mode 100644 index 00000000..b9070e6a --- /dev/null +++ b/scanners/boostsecurityio/malcontent/rules.yaml @@ -0,0 +1,3 @@ +import: + - boostsecurityio/sbom-sca + - boostsecurityio/oss-license From 542c6559a0fc4f515bf174798141b510f288ac67 Mon Sep 17 00:00:00 2001 From: Alexis-Maurer Fortin Date: Wed, 21 May 2025 19:08:20 +0200 Subject: [PATCH 2/3] new --- scanners/boostsecurityio/malcontent/module.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanners/boostsecurityio/malcontent/module.yaml b/scanners/boostsecurityio/malcontent/module.yaml index 057b99df..e34adbeb 100644 --- a/scanners/boostsecurityio/malcontent/module.yaml +++ b/scanners/boostsecurityio/malcontent/module.yaml @@ -19,5 +19,5 @@ steps: format: sarif post-processor: docker: - image: public.ecr.aws/boostsecurityio/boost-scanner-malcontent:f9648b0@sha256:38e2c536e627762253c9cb3d5e55fba77d0ed439c084e251cccb26e3008c5b73 + image: public.ecr.aws/boostsecurityio/boost-scanner-malcontent:0a559cb@sha256:dc4d24ab8bd8f0e90e9c789cb3700065491232563e9451a9829443 command: process From cba248ec3ae5d95155d7558da14d8e9b380fa9c4 Mon Sep 17 00:00:00 2001 From: Alexis-Maurer Fortin Date: Wed, 21 May 2025 19:11:33 +0200 Subject: [PATCH 3/3] new 2 --- scanners/boostsecurityio/malcontent/module.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scanners/boostsecurityio/malcontent/module.yaml b/scanners/boostsecurityio/malcontent/module.yaml index e34adbeb..e0d54d04 100644 --- a/scanners/boostsecurityio/malcontent/module.yaml +++ b/scanners/boostsecurityio/malcontent/module.yaml @@ -19,5 +19,5 @@ steps: format: sarif post-processor: docker: - image: public.ecr.aws/boostsecurityio/boost-scanner-malcontent:0a559cb@sha256:dc4d24ab8bd8f0e90e9c789cb3700065491232563e9451a9829443 + image: public.ecr.aws/boostsecurityio/boost-scanner-malcontent:0a559cb@sha256:dc4d24ab8bd8f0e90e9c789cb3700065491232563e9451a9829443ab123e915e command: process