How to tag NG SAST results with the Git branch name

ShiftLeft CORE's NG SAST allows you to provide branch names to distinguish analysis results for one branch from another.

To include the branch name in your NG SAST results:

  1. Obtain the branch name from your version control system. For example, Git allows you to do this using git symbolic-ref --short HEAD.

  2. Add the branch name you obtained in the previous step to the script you use to automate the running of NG-SAST using the --tag option (i.e., sl analyze --tag branch=`git symbolic-ref --short HEAD`)

If you're working in a GitHub environment (e.g., GitHub Actions), you can also use --tag branch=${{ github.head_ref }} to populate your branch name. If you don't provide one, but ShiftLeft detects a branch name via your analysis, it will use that name.

At this point, ShiftLeft will include the branch name when displaying results from your code analyses in the Dashboard.

Image of the Version Menu