Updated on 2022-04-18

Static Application Security Testing

https://docs.github.com/zh/code-security/guides

Semgrep

# Install or upgrade Semgrep from the Aliyun PyPI mirror over HTTPS. The mirror,
# not pypi.org, is the trust anchor for this install: pin a version
# (semgrep==<version>) and/or use a hash-checked requirements file when the
# scanner itself has to be reproducible.
python3 -m pip install --upgrade --index-url https://mirrors.aliyun.com/pypi/simple/ semgrep

# Scan the project with the registry rulesets r/java and r/contrib.owasp.java;
# the r/ prefix fetches the rules from the Semgrep registry at scan time, so the
# scan needs network access. --metrics off keeps scan telemetry from being sent;
# findings are written as SARIF.
semgrep scan \
  --verbose \
  --disable-version-check \
  --metrics off \
  --scan-unknown-extensions \
  --config r/java \
  --config r/contrib.owasp.java \
  --sarif --output semgrep-result.sarif.json \
  '/Users/user/Documents/IdeaProjects/text-masker/'

CodeQL

# macOS prerequisite (presumably for the build tooling used below): install the
# Xcode command-line tools.
xcode-select --install

# Sanity checks on the CodeQL CLI in the current directory: report its version,
# the QL packs it can find and the languages/extractors it supports.
codeql=./codeql
"$codeql" version
"$codeql" resolve qlpacks
"$codeql" resolve languages

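# Build a CodeQL database for the Java project, then run one query against it.
# mkdir -p: do not fail when ./db already exists from an earlier run.
mkdir -p db
# --command runs the repository's own Gradle wrapper and build scripts so CodeQL
# can observe the compilation; that is code execution from the scanned repo, so
# build trusted code or run this step in an isolated builder. --no-daemon and
# --rerun-tasks give a one-shot build that ignores Gradle's up-to-date checks.
./codeql database create ./db/text-masker \
  --language java \
  --command './gradlew classes --no-daemon --rerun-tasks' \
  --source-root '/Users/user/Documents/IdeaProjects/text-masker/'
./codeql database upgrade ./db/text-masker
# Only the CWE-798 hard-coded credentials query runs here; for broader coverage
# pass a query suite or query pack (e.g. codeql/java-queries) instead of the
# single .ql file.
./codeql database analyze ./db/text-masker \
  --format sarif-latest \
  --output codeql-result.sarif.json \
  codeql/java/ql/src/Security/CWE/CWE-798/HardcodedCredentialsApiCall.ql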

Gitleaks

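# Scan the repository (git history by default) for leaked secrets and write a
# SARIF report. --redact: without it the verbose output and the findings carry
# the matched secret in clear text, so the log and the report file themselves
# become material that has to be protected.
gitleaks detect --verbose --redact --report-format sarif --report-path gitleaks-result.sarif.json --source '/Users/user/Documents/IdeaProjects/text-masker/'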

Gosec

# Go static analysis over every package below the path ('...' is Go's recursive
# package pattern). -no-fail: exit 0 even when issues are found, so the SARIF
# file is the only signal and whatever consumes gosec-result.sarif.json has to
# gate on it.
# NOTE(review): text-masker is built with Gradle above, i.e. looks like a Java
# project; unless it also holds Go sources this report will be empty — confirm.
gosec -fmt sarif -out gosec-result.sarif.json -no-fail '/Users/user/Documents/IdeaProjects/text-masker/...'

KICS

# Infrastructure-as-code scan. -p is the path to scan; the reports are written
# to the current directory as kics-result in SARIF, HTML and PDF form.
# --no-progress keeps the progress bar out of non-interactive (CI) logs.
kics scan -p '/Users/user/Documents/IdeaProjects/text-masker/' --no-progress --report-formats 'sarif,html,pdf' -o ./ --output-name kics-result

SARIF Format

Reference