This action wraps the oss sast scanning tool called sast-scan. sast-scan supports a range of free and open source SAST scanners and comes with optimal configurations for various languages and frameworks.

With minimal configuration

- uses: AppThreat/sast-scan-action@master
  with:
    type: "python"

Upload reports to build artifacts

- uses: AppThreat/sast-scan-action@master
  with:
    type: "python"

- uses: actions/upload-artifact@v1
  with:
    name: reports
    path: reports