Commit Identification
Track your application's security posture over time by identifying the commits associated with each security scan.
Supported CI Environments

Automatic commit data collection:
- GitHub Actions
- GitLab CI
- Bitbucket Pipelines
- CircleCI
- Travis CI

Coming soon:
- Jenkins Pipeline

Manual commit identification:
- CLI usage
- Direct API calls
Stored Information

For each scan, Escape saves:
- Commit SHA identification
- Git reference name
- Committer email
Implementation Examples
Travis CI (`.travis.yml`):

```yaml
language: node_js
node_js:
  - node
jobs:
  include:
    - stage: security
      if: branch = staging
      script:
        # Install the Escape CLI, print its version, then start the scan
        - npm install -g @escape.tech/action
        - npm show @escape.tech/action version
        - escape-action
      env:
        - ESCAPE_APPLICATION_ID=$ESCAPE_APPLICATION_ID
        - ESCAPE_API_KEY=$ESCAPE_API_KEY
        # Commit metadata attached to the scan
        - COMMIT_HASH=$(git rev-parse HEAD)
        - REF_NAME=$(git rev-parse --abbrev-ref HEAD)
        - USER_EMAIL=$(git log -1 --pretty=format:'%ae')
stages:
  - security
```
Direct API call:

```bash
export APPLICATION_ID=<YOUR APPLICATION ID>
export API_KEY=<YOUR API KEY>

# Start a scan and attach the current commit's SHA, branch and committer email
curl -X POST \
  -H "Authorization: Key $API_KEY" \
  -H "Content-Type: application/json" \
  -d "{ \"commitHash\": \"$(git rev-parse HEAD)\", \"commitBranch\": \"$(git rev-parse --abbrev-ref HEAD)\", \"commitAuthor\": \"$(git log -1 --pretty=format:'%ae')\" }" \
  https://public.escape.tech/applications/$APPLICATION_ID/start-scan
```
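
The direct API call interpolates git output straight into a JSON string, so a branch name or committer email containing a quote changes the request body, and a detached CI checkout reports the branch as `HEAD`. The following is an added example, not Escape's own code, that validates and escapes the three values before building the payload; the function names and the `CI_BRANCH` fallback variable are assumptions, and the JSON field names are the ones used in the curl call on this page.

```shell
#!/bin/sh
# Added example (not Escape's code). Function names and CI_BRANCH are hypothetical.

# Accept only a full hex object id: 40 chars (SHA-1) or 64 chars (SHA-256).
is_commit_sha() {
  case $1 in
    ''|*[!0-9a-f]*) return 1 ;;
  esac
  [ "${#1}" -eq 40 ] || [ "${#1}" -eq 64 ]
}

# Reject control characters, then escape backslash and double quote so a
# committer-controlled value cannot break out of its JSON string.
json_escape() {
  je_clean=$(printf '%s' "$1" | LC_ALL=C tr -d '[:cntrl:]')
  [ "$je_clean" = "$1" ] || { echo "control character in value" >&2; return 1; }
  printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Build the request body from already-collected values.
build_payload() {
  is_commit_sha "$1" || { echo "commit id is not a full hex SHA" >&2; return 1; }
  case $2 in
    ''|HEAD) echo "branch unresolved (detached HEAD?)" >&2; return 1 ;;
  esac
  bp_branch=$(json_escape "$2") || return 1
  bp_author=$(json_escape "$3") || return 1
  printf '{"commitHash":"%s","commitBranch":"%s","commitAuthor":"%s"}' \
    "$1" "$bp_branch" "$bp_author"
}

# Collect the values from the current checkout.
collect_commit_metadata() {
  cm_sha=$(git rev-parse HEAD) || return 1
  # symbolic-ref fails on a detached HEAD instead of printing "HEAD";
  # fall back to a branch name supplied by the CI system (assumed variable).
  cm_branch=$(git symbolic-ref --quiet --short HEAD) || cm_branch=${CI_BRANCH:-}
  cm_author=$(git log -1 --pretty=format:'%ae') || return 1
  build_payload "$cm_sha" "$cm_branch" "$cm_author"
}

# Usage: payload=$(collect_commit_metadata) && curl ... -d "$payload" <start-scan URL>
```
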