Skip to content

[K9VULN-11774] Add Code Security v1.0 schema support#838

Merged
jasonforal merged 8 commits intomainfrom
jf/K9VULN-11774
Mar 10, 2026
Merged

[K9VULN-11774] Add Code Security v1.0 schema support#838
jasonforal merged 8 commits intomainfrom
jf/K9VULN-11774

Conversation

@jasonforal
Copy link
Copy Markdown
Collaborator

@jasonforal jasonforal commented Mar 5, 2026
edited
Loading

It'll be easiest to review commit-by-commit.

What this PR does

datadog-static-analyzer, datadog-static-analyzer-git-hooks

Adds support for using a code-security.datadog.yaml file. The bulk of this is handled in babbacc.

IDE / datadog-static-analyzer-server

No behavior changes

  • All the plumbing exists to flip a switch for code-security.datadog.yaml support, but it remains artificially disabled until the IDE extension can be updated to handle the different files.
  • The only notable commit is 08d7c10, but it's very straightforward: I'm moving all of the YAML-mutating internals out of the server codebase and exposing a simple API (config_file.add_rulesets(...), etc).

Documentation

No changes (yet). The schema has not been formally launched.

Notes

  • I converted all integration tests to code-security.datadog.yaml. You can confirm that the tests still pass with this change reverted (K9VULN-11774-int-test). I prefer the simplicity of not trying to jam both into the same test or duplicating the test.
image

@jasonforal jasonforal requested review from a team as code owners March 5, 2026 23:38
@jasonforal jasonforal requested a review from albertvaka March 5, 2026 23:38
@datadog-datadog-prod-us1
Copy link
Copy Markdown

datadog-datadog-prod-us1 Bot commented Mar 5, 2026
edited by datadog-official Bot
Loading

🎯 Code Coverage (details)
Patch Coverage: -1.00%
Overall Coverage: 84.72% (-0.04%)

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 818fbb3 | Docs | Datadog PR Page | Was this helpful? React with 👍/👎 or give us feedback!

@jasonforal jasonforal changed the base branch from main to jf/K9VULN-11774-2 March 6, 2026 01:17
@jasonforal jasonforal mentioned this pull request Mar 6, 2026
Merged
robertohuertasm-datadog
robertohuertasm-datadog previously approved these changes Mar 6, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@robertohuertasm-datadog robertohuertasm-datadog left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I only reviewed the IDE-related changes, and they look good to me. 🚀 🚢

jacobotb
jacobotb previously approved these changes Mar 9, 2026
View reviewed changes
Base automatically changed from jf/K9VULN-11774-2 to main March 9, 2026 18:31
@jasonforal jasonforal dismissed stale reviews from jacobotb and robertohuertasm-datadog March 9, 2026 18:31

The base branch was changed.

@jasonforal jasonforal merged commit ebdc088 into main Mar 10, 2026
126 of 133 checks passed
@jasonforal jasonforal deleted the jf/K9VULN-11774 branch March 10, 2026 13:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jacobotb jacobotb jacobotb approved these changes

@robertohuertasm-datadog robertohuertasm-datadog robertohuertasm-datadog approved these changes

@albertvaka albertvaka Awaiting requested review from albertvaka albertvaka was automatically assigned from DataDog/ide-integration-static-analysis-server

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jasonforal @jacobotb @robertohuertasm-datadog