salus.yaml

active_scanners:
  - Brakeman
  - BundleAudit
  - PatternSearch
  - RepoNotEmpty
  - RubyPackageScanner
  - RubyVersionScanner
  - Semgrep
  - Trufflehog
enforced_scanners:
  - Brakeman
  - BundleAudit
  - PatternSearch
  - RepoNotEmpty
  - Semgrep
  - Trufflehog

scanner_configs:
  Gosec:
    exclude-dir:
      - spec/fixtures
      - spec/fixtures/gosec/buildtags_goapp # cannot be correctly built by gosec at this time
      - spec/fixtures/gosec/malformed_goapp # knowingly malformed anc can't be built
      - spec/fixtures/gosec/nosec-tag
      - spec/fixtures/gosec/multiple_vulns
      - spec/fixtures/gosec/buildtags_goapp
      - spec/fixtures/gosec/vulnerable_goapp
      - spec/fixtures/gosec/multifolder_goapp
      - spec/fixtures/gosec/recursive_vulnerable_goapp
      - spec/fixtures/gosec/multi_goapps
  RubyVersionScanner:
    warn:
      min_version: '3.0.0'
      max_version: '3.1.0'
    error:
      min_version: '3.0.0'