[docs] Write an integration guide for third-party audit tools (Semgrep, CodeQL, Slither) #1045

Description

@CelestinaBeing

Context

Security teams want to use Sanctifier alongside existing tools. We need a guide showing how to combine Sanctifier's SARIF output with Semgrep, CodeQL, or other SARIF-aware tools.

Work

  • Write docs/INTEGRATION-GUIDE.md covering:
    • Merging multiple SARIF files for unified reporting
    • GitHub Code Scanning with Sanctifier + CodeQL
    • Semgrep + Sanctifier workflow
    • Exporting to Jira / Linear via webhooks
  • Add a sample CI workflow for each integration

Acceptance criteria

  • docs/INTEGRATION-GUIDE.md merged
  • Sample GitHub Code Scanning workflow tested and working
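
For the "Merging multiple SARIF files" item, one way the merge step could look, as an added example that is not part of the issue or of the Sanctifier project. The issue does not show Sanctifier's SARIF output, so both input logs, their rule ids and their file paths are constructed placeholders, and merge_sarif and findings_per_tool are hypothetical helper names.

```python
import copy
import json

SARIF_VERSION = "2.1.0"
SARIF_SCHEMA = "https://json.schemastore.org/sarif-2.1.0.json"

def _log(tool, results):
    """Build a minimal SARIF log (constructed sample data, not real tool output)."""
    return {"version": SARIF_VERSION,
            "runs": [{"tool": {"driver": {"name": tool}}, "results": results}]}

def _result(rule_id, uri, line):
    return {"ruleId": rule_id, "message": {"text": "constructed finding"},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": uri}, "region": {"startLine": line}}}]}

# Constructed inputs: rule ids and paths are placeholders.
SANCTIFIER_LOG = _log("Sanctifier", [_result("EXAMPLE-S1", "contracts/src/lib.rs", 42)])
SEMGREP_LOG = _log("Semgrep", [_result("EXAMPLE-G1", "contracts/src/lib.rs", 42),
                               _result("EXAMPLE-G2", "scripts/deploy.py", 7)])

def merge_sarif(logs):
    """Concatenate the runs of several SARIF 2.1.0 logs into one log.

    Each run keeps its own tool.driver, so findings stay attributed to the
    tool that reported them. A run without automationDetails.id gets one
    derived from the driver name so consumers can tell the runs apart.
    """
    merged = {"$schema": SARIF_SCHEMA, "version": SARIF_VERSION, "runs": []}
    for log in logs:
        if log.get("version") != SARIF_VERSION:
            raise ValueError(f"unsupported SARIF version: {log.get('version')!r}")
        for run in log.get("runs", []):
            run = copy.deepcopy(run)  # never mutate the caller's input
            name = run["tool"]["driver"]["name"]
            run.setdefault("automationDetails", {}).setdefault("id", name.lower() + "/")
            merged["runs"].append(run)
    return merged

def findings_per_tool(log):
    """Return {tool name: number of results} for a SARIF log."""
    counts = {}
    for run in log["runs"]:
        name = run["tool"]["driver"]["name"]
        counts[name] = counts.get(name, 0) + len(run.get("results", []))
    return counts

if __name__ == "__main__":
    merged = merge_sarif([SANCTIFIER_LOG, SEMGREP_LOG])
    print(json.dumps(findings_per_tool(merged), indent=2))
```

Rejecting any log whose version is not 2.1.0 keeps the merged file from silently mixing formats that a SARIF-aware consumer would parse differently.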

Labels: Stellar Wave (Issues in the Stellar wave program)
