Skip to Content
CI CD IntegrationPre-phase: Static Application Security Testing (SAST)

title: “Pre-phase: SAST”

Pre-phase: Static Application Security Testing (SAST)

The Pre-phase scan analyzes your source code for security vulnerabilities, hardcoded secrets, and compliance issues before your application is built or deployed.

Example Workflow: SAST Scan

This job checks out your code and runs the Pre-phase action against your repository.

jobs:
  sast-scan:
    name: Pre-phase - SAST Scan
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4
 
      - name: Run Hashsecured Pre-phase Scan
        uses: clockhash-kiran/scan-actions/pre-phase@main
        with:
          target_url: 'your-github-org/your-repo-name'
          user_id: 'YOUR_USER_ID'
          project_id: 'YOUR_PROJECT_ID'
          api_token: ${{ secrets.Hashsecured_API_TOKEN }}
          pat: ${{ secrets.PAT_TOKEN }}
          branch: 'main'
Post-phase: DASTRunning Manual Scans