Add ShiftLeft build rules

[shiftleft-chuck]

This pull request enables build rules. You can read more about build rules here. The build rules are controlled by the shiftleft.yml file in the repository.

Visit shiftleft.io to see the security findings for this repository.

We've done a few things on your behalf

• Forked this demo application
• Generated a unique secret SHIFTLEFT_ACCESS_TOKEN to allow GitHub Actions in this repository to communicate with the ShiftLeft API
• Committed a GitHub Action that will invoke ShiftLeft CORE's NextGen Static Application Security Testing (NG SAST) on all future pull requests on this repository
• Created this pull request that demonstrates build rules. It also adds a status check that displays the result of the GitHub Action

Questions? Comments? Want to learn more? Get in touch with us or check out our documentation.

[github-actions]

Summary

ShiftLeft NextGen Static Analysis detected 40 findings in this PR

Severity	Count
Critical	8
Moderate	4
Info	3

Additionally there are 21 secrets leaked.

An additional 4 insights (potential vulnerabilities) require further review.

Build Rules

Build rule with ID "allow-zero-findings" failed because it matched 15 findings and the configured threshold is 0

Get more information about this scan.

[shiftleft-chuck]

merged