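/**
 * QA360 Semgrep SAST Adapter (Socle OOTB)
 * Static Application Security Testing with configurable severity thresholds
 *
 * This is a declaration-only view of the adapter: it describes the public
 * types and the class surface, not the implementation.
 */
import { PackSecurity } from '../types/pack-v1.js';

/** Input for a single Semgrep scan. */
export interface SemgrepTestConfig {
  /** Directory the scan is run for (presumably Semgrep's working directory; confirm in the implementation). */
  workingDir: string;
  /** Pack-level security settings; presumably the source of the `sast_max_high` budget (confirm). */
  security?: PackSecurity;
  /** Semgrep rules or rule sets to apply; the accepted form is not visible in this declaration. */
  rules?: string[];
  /** Paths to scan. */
  paths?: string[];
  /** Scan timeout; the unit is not stated in this declaration. */
  timeout?: number;
  /** Path to a Semgrep configuration file. */
  configFile?: string;
}

/** One finding reported by Semgrep. */
export interface SemgrepFinding {
  /** Identifier of the rule that matched. */
  ruleId: string;
  /** Severity as Semgrep reports it (three levels). */
  severity: 'INFO' | 'WARNING' | 'ERROR';
  /** Rule message for the match. */
  message: string;
  /** File in which the match was found. */
  file: string;
  /** Line of the match. */
  line: number;
  /** Column of the match. */
  column: number;
  /**
   * Matched source snippet, when provided. It may reproduce secrets present in
   * the scanned code, so treat it as sensitive when storing or publishing reports.
   */
  code?: string;
  /** Suggested fix, when the rule provides one. */
  fix?: string;
}

/** Outcome of a scan: findings, per-severity counts and the threshold verdict. */
export interface SemgrepTestResult {
  /** Overall outcome; how it relates to `thresholds` and `error` is not visible in this declaration. */
  success: boolean;
  /** All parsed findings. */
  findings: SemgrepFinding[];
  /**
   * Counts per standard severity level. Semgrep reports three levels while this
   * summary has five buckets; the mapping lives in the private `mapSeverity`.
   */
  summary: {
    total: number;
    critical: number;
    high: number;
    medium: number;
    low: number;
    info: number;
  };
  /** Security gate evaluation. */
  thresholds: {
    /** Gate on high-severity findings: `actual` count compared with the allowed `budget`. */
    sast_max_high: {
      passed: boolean;
      actual: number;
      budget: number;
    };
  };
  /** Error description when the scan could not be completed. */
  error?: string;
  /**
   * Raw Semgrep output. It can contain scanned source and file paths; whether
   * the adapter's redactor is applied to this field is not visible here (confirm
   * before logging or uploading it).
   */
  rawOutput?: string;
  /** JUnit XML rendering of the result. */
  junit?: string;
}

/**
 * Runs Semgrep and turns its output into a {@link SemgrepTestResult}.
 *
 * NOTE(review): the implementation is not part of this declaration. Because
 * `workingDir`, `rules`, `paths` and `configFile` feed a Semgrep invocation,
 * confirm that `executeSemgrep` passes them as separate argv entries rather
 * than building a shell string, and that a path value cannot be read as an option.
 */
export declare class SemgrepSastAdapter {
  /** Redaction helper; presumably masks sensitive values in captured output (confirm). */
  private redactor;

  constructor();

  /**
   * Execute Semgrep SAST scan.
   *
   * @param config - scan settings
   * @returns the scan result; the type argument was missing from the declaration
   *          (`Promise` alone does not compile) and is restored here as the
   *          result interface this module declares
   */
  runSastScan(config: SemgrepTestConfig): Promise<SemgrepTestResult>;

  /** Execute Semgrep command */
  private executeSemgrep;

  /** Parse Semgrep JSON results */
  private parseSemgrepResults;

  /**
   * Map Semgrep severity to standard levels.
   * NOTE(review): verify that `ERROR` lands in a bucket the `sast_max_high` gate counts.
   */
  private mapSeverity;

  /** Calculate findings summary */
  private calculateSummary;

  /** Check security thresholds */
  private checkThresholds;

  /** Generate JUnit XML */
  private generateJUnit;

  /** Get default summary structure */
  private getDefaultSummary;

  /** Get default thresholds */
  private getDefaultThresholds;

  /**
   * Check if Semgrep is available.
   *
   * @returns `available` plus an `error` description when it is not
   */
  static isAvailable(): Promise<{
    available: boolean;
    error?: string;
  }>;

  /**
   * Validate SAST configuration.
   *
   * @param config - scan settings to check
   * @returns `valid` and the list of validation `errors`
   */
  static validateConfig(config: SemgrepTestConfig): {
    valid: boolean;
    errors: string[];
  };
}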