Update bearer configuration

anynines · Dec 6, 2024 · e36b8e7 · e36b8e7
1 parent 78a7805
commit e36b8e7
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/.github/workflows/github-security-checks.yml b/.github/workflows/github-security-checks.yml
@@ -20,7 +20,7 @@ jobs:
           git config --global --add safe.directory '*'
       - name: SAST Scan
         working-directory: .
-        run: bearer scan . ./ci/config/bearer.yml
+        run: bearer scan . --config-file ./ci/configs/bearer.yml 
       - name: Commit changes
         uses: EndBug/add-and-commit@v9
         with: 

diff --git a/ci/configs/bearer.yml b/ci/configs/bearer.yml
@@ -1,12 +1,11 @@
 disable-version-check: false
 log-level: info
 report:
-    fail-on-severity: critical,high,medium,low
     format: json
     no-color: false
-    output: ""
+    output: "./scan_results/bearer.out.json"
     report: security
-    severity: critical,high,medium,low,warning
+    severity: critical,high
 rule:
     disable-default-rules: false
     only-rule: []
@@ -22,6 +21,9 @@ scan:
     internal-domains: []
     parallel: 0
     quiet: true
+    exit-code: 0
     scanner:
         - secrets
+        - sast
     skip-test: true
+    skip-path: ['*/vendor']