APPSECTOOLS-32710 Sec Onboard: Code Analysis Onboarding (#3)

peakon · Sep 11, 2024 · 9967bac · 9967bac
1 parent af83275
commit 9967bac
Showing 1 changed file with 31 additions and 0 deletions.
diff --git a/.security_config/security_config.yaml b/.security_config/security_config.yaml
@@ -0,0 +1,31 @@
+# yaml-language-server: $schema=https://security-api.appsec.inday.io/schemas/security_config.json
+# This is the configuration file for Chimera. This file is required to allow the scanning platform to scan your repo.
+# Please see https://wolinks.com/chimera for details.
+
+#####################
+# CHANGE LOG
+#####################
+# (re)adding code analysis service webhook: seeking approval on pr [https://api.github.com/repos/peakon/ioredis/pulls/3]
+# (re)adding code analysis service ac svc-secapi-appsec: seeking approval on pr [https://api.github.com/repos/peakon/ioredis/pulls/3]
+
+#####################
+# SLACK CONFIGURATION
+#####################
+# Uncomment the below section and provide a Slack channel's name to allow Chimera to
+# notify your slack channel about scans. Please see Chimera documentation on how to do this.
+#slack:
+  #enabled: true
+  #channel: <slack-channel-name>
+
+##########################
+# SCAN TOOL  CONFIGURATION
+##########################
+tools_config:
+  semgrep:
+    rulesets:
+    - p/typescript
+    - p/dockerfile
+    - p/javascript
+  snyk: {}
+  trufflehog: {}
+  checkov: {}