
v7.0.0 - SARIF, Trivy, SBOM, Compliance, Multi-Repo, Webhook


@OmarRao released this 23 Jun 20:28

What's New in v7.0.0

SARIF 2.1.0 Export (--sarif)

Produces a SARIF file compatible with the GitHub Code Scanning API and GitHub Security tab.
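As an added illustration of what a SARIF 2.1.0 log for GitHub Code Scanning has to contain (example code written for these notes, not the project's own exporter; the finding dict shape, the tool name and the sample rule ids are constructed assumptions):

```python
import json

SARIF_SCHEMA = "https://json.schemastore.org/sarif-2.1.0.json"

SAMPLE_FINDINGS = [  # constructed sample input; the dict shape is an assumption
    {"rule": "CWE-89", "msg": "SQL built by string concatenation",
     "file": "app/db.py", "line": 42, "severity": "error"},
    {"rule": "CWE-798", "msg": "Hard-coded credential",
     "file": "config/settings.py", "line": 7, "severity": "warning"},
]

def finding_to_result(f):
    """Map one finding to a SARIF 'result' carrying a physical location."""
    return {
        "ruleId": f["rule"],
        "level": f["severity"],  # SARIF levels: error | warning | note | none
        "message": {"text": f["msg"]},
        "locations": [{"physicalLocation": {
            "artifactLocation": {"uri": f["file"], "uriBaseId": "%SRCROOT%"},
            "region": {"startLine": f["line"]},
        }}],
    }

def build_sarif(findings, tool_name="example-scanner", tool_version="7.0.0"):
    """Assemble a single-run SARIF 2.1.0 log; every ruleId used is declared in the driver."""
    rules = [{"id": r, "shortDescription": {"text": r}}
             for r in sorted({f["rule"] for f in findings})]
    return {
        "$schema": SARIF_SCHEMA,
        "version": "2.1.0",
        "runs": [{
            "tool": {"driver": {"name": tool_name, "version": tool_version,
                                "rules": rules}},
            "results": [finding_to_result(f) for f in findings],
        }],
    }

def validate_sarif(doc):
    """Check the fields Code Scanning relies on; returns a list of problems (empty = OK)."""
    problems = []
    if doc.get("version") != "2.1.0":
        problems.append("version must be '2.1.0'")
    for i, run in enumerate(doc.get("runs", [])):
        if not run.get("tool", {}).get("driver", {}).get("name"):
            problems.append(f"runs[{i}].tool.driver.name is missing")
        for j, res in enumerate(run.get("results", [])):
            if not res.get("ruleId") or not res.get("message", {}).get("text"):
                problems.append(f"runs[{i}].results[{j}] needs ruleId and message.text")
    return problems

# Write the log to disk with json.dumps(build_sarif(SAMPLE_FINDINGS), indent=2) before upload.
```

Declaring rules in `tool.driver.rules` is what lets the Security tab group alerts by rule rather than showing bare ids.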

Trivy Container Scanning (--image )

Runs Trivy against a Docker image and Dockerfiles in the repo.

CycloneDX SBOM (--sbom)

Generates a CycloneDX 1.4 JSON SBOM from dependency scan results.

Compliance Posture Report (--compliance)

Maps each CWE finding to PCI DSS v4.0, NIST SP 800-53 Rev 5, OWASP Top 10, and SANS/CWE Top 25.

Multi-Repo Scanning

Scan multiple repos with --repos or --repos-file.

GitHub Webhook Trigger

Run as a persistent server: python main.py --webhook --port 8080