Add native GitLab SAST report format output

Currently, to use mobsfscan results in GitLab's Vulnerability Dashboard, users must export to SARIF and then use an external converter (like sarif-converter). This adds complexity to CI/CD pipelines and often results in lost metadata or poor mapping of vulnerability titles.
Proposed Change:
Add a new output flag --gitlab-sast (e.g., mobsfscan . --gitlab-sast -o gl-sast-report.json) that generates a JSON file conforming to the [GitLab SAST Report Format](https://www.google.com/search?q=https://docs.gitlab.com/ee/user/application_security/sast/report_format.html).
Benefits:
• Streamlines GitLab CI/CD integration.
• Ensures all MobSF-specific metadata (CWE, OWASP Mobile, MASVS) is correctly mapped to GitLab fields.
• Removes dependency on third-party Go/Python converters.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add native GitLab SAST report format output #115

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Add native GitLab SAST report format output #115

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions