.asist.example.yaml
---
# enableallstandardrules: true turns all standard rules on, false turns them
# all off. A per-rule `enabled` under `ruleoverrides` overrides this value.
enableallstandardrules: true

# excludefilesandfolders: files or folders that are left out of the scan.
# Each entry is a regex or the name of a file or folder.
# Note: ASIST supports only the forward slash (/) in file and directory paths.
# NOTE(review): anything matched here is never scanned, so keep entries narrow.
# Read as a regex, "/.*sfdx/" matches any path that has "sfdx/" somewhere
# after a slash, not only a ".sfdx" folder; presumably "/\\.sfdx/" was meant.
# Confirm against ASIST's matching rules before tightening it.
excludefilesandfolders:
  - "/force-app-autotests/"
  - "yui3_1"
  - "yui_combo"
  - "/.*sfdx/"

# dontgitignore: set to true to stop ASIST from skipping the files and
# directories listed in .gitignore; false keeps them skipped.
dontgitignore: false

# dontforceignore: set to true to stop ASIST from skipping the files and
# directories listed in .forceignore; false keeps them skipped.
dontforceignore: false
# cicdrules: the rules to run in CI/CD pipelines, given as RuleIds of
# standard or custom rules.
# NOTE(review): presumably a rule that is not listed here is not evaluated in
# CI/CD mode; confirm. XSSDomHtml is configured under `ruleoverrides` in this
# file but is not listed here.
cicdrules:
  - "XSSLabel"
  - "XSSMergeField"
  - "XSSTooltip"
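# ruleoverrides: overrides some properties of standard rules, keyed by Rule Id.
#   severity: Low|Medium|High|Critical
#   includepattern: files or folders to be included in scans.
#   excludepattern: files or folders to be excluded from scans.
#   enabled: enables/disables this particular rule. It overrides the
#     `enableallstandardrules` property.
#   cicdmaxissues: maximum allowed issue count (default is 0 if not
#     specified, i.e. no issues allowed). Useful when introducing ASIST to a
#     codebase with existing issues: reduce cicdmaxissues gradually.
# NOTE(review): cicdmaxissues is described as a count, so it presumably cannot
# tell an existing finding from a new one: while the total stays at or under
# the limit, a newly introduced issue would still pass. Lower the value as
# issues are fixed. Confirm how ASIST evaluates the limit.
ruleoverrides:
  XSSTooltip:  # Rule Id to be overridden
    severity: Medium
    enabled: true
    cicdmaxissues: 50  # Allow up to 50 XSSTooltip issues (grandfathered existing issues)
  XSSLabel:
    includepattern: "\\.page$|\\.component$"
    enabled: true
  XSSDomHtml:
    includepattern: "\\.js$|\\.page$|\\.component$"
    # Both dots are escaped so that only names ending in ".test.js" are
    # excluded; an unescaped dot matches any character and would skip more
    # files than intended.
    excludepattern: "\\.test\\.js$"
    enabled: true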
# customregexrules: defines custom rules, keyed by Rule Id. The properties to
# be defined for each rule are:
#   name: name of the custom rule
#   description: brief information about the custom rule
#   enabled: enables/disables the custom rule
#   severity: Low|Medium|High|Critical
#   rulecategory: Security|Performance|Code Quality|UX
#   pattern: the regex the rule looks for (see the two rules below)
#   includepattern: file types to be scanned
#   excludepattern: file types not to be scanned
#   cicdmaxissues: maximum allowed issue count for this custom rule in CI/CD
#     mode (default is 0)
# Both example rules are shipped with `enabled: false`.
# NOTE(review): an empty excludepattern presumably means nothing is excluded;
# confirm.
customregexrules:
  CustomRule1:
    name: customName1
    description: Please fix this
    enabled: false
    severity: High
    rulecategory: Security
    pattern: Label
    # NOTE(review): "\\.email" is the only alternative without a "$" anchor,
    # so it also matches ".email" in the middle of a path; confirm this is
    # intended.
    includepattern: "\\.component$|\\.page$|\\.cls$|\\.email"
    excludepattern: ""
    cicdmaxissues: 10  # Allow up to 10 CustomRule1 issues in CI/CD mode
  CustomRule2:
    name: customName2
    description: Please fix this custom rule
    enabled: false
    severity: Low
    rulecategory: Performance
    pattern: "System\\.debug"
    includepattern: "\\.cls$"
    excludepattern: ""