Move kics sarif package to reports dependency
Proposal
Update report to support parsing sarif reports.
Tasks
-
Move https://gitlab.com/gitlab-org/security-products/analyzers/kics/-/tree/main/sarif to https://gitlab.com/gitlab-org/security-products/analyzers/report -
Move test_fixturestotestdatato come inline with our best practices (ref: gitlab-org/security-products/analyzers/kics!1 (comment 717845247)) -
Look into whether or not we need to accept metadata or can get it from the sarif report (e.g. gitlab-org/security-products/analyzers/kics!1 (comment 716367814)). (decided against it) -
Update https://gitlab.com/gitlab-org/security-products/analyzers/kics to use report -
Update https://gitlab.com/gitlab-org/security-products/analyzers/semgrep to use report
Edited by Daniel Paul Searles