SAPP Github Action allows you run SAPP (Static Analysis Post Processor) in CI to post process static analysis results from tools like Pysa and Mariana Trench.
SAPP Action will upload the results after applying filters in SARIF to GitHub, where you can view them in the Security tab of your repo.
# .github/workflows/test.yml
- name: Saving static analysis results for SAPP
uses: actions/upload-artifact@v2
with:
name: static-analysis-results
path: ./path/to/static-analysis-output
if-no-files-found: error
- name: Postprocess static analysis results
uses: facebook/sapp-action@main
with:
version: latest # version of fb-sapp on PyPi you want to use
artifact-handle: static-analysis-results
filters-directory: /path/to/sapp/filters
SAPP Action is licensed under the MIT license.