Run Talisman in CLI mode with the `--scan` argument to scan the git commit history, and the `--reportDirectory` argument to save the scan reports to a directory. The report is written in JSON format.

Additionally, you can set up Git Hooks to automate the scan and then send the generated reports to DefectDojo using its API.



```bash
#!/usr/bin/env bash
# Set DefectDojo API credential and other variables (placeholder values; adjust for your instance)
DEFECTDOJO_URL="https://defectdojo.example.com"
DEFECTDOJO_API_KEY="<your-api-token>"
DEFECTDOJO_ENGAGEMENT_ID="<engagement-id>"
TALISMAN_RESULTS_DIR="talisman_results"
REPORT="${TALISMAN_RESULTS_DIR}/talisman_reports/data/report.json"

# Run talisman in CLI mode and output the result in JSON format
talisman --scan --ignoreHistory --reportDirectory "$TALISMAN_RESULTS_DIR"

# Extract the result (names of files with findings)
result=$(jq '.results[].filename' "$REPORT")

# Check if result is not empty
if [ -n "$result" ]; then
  # If talisman found issues, upload the JSON report to the DefectDojo import-scan endpoint
  # (multipart form upload, scan type "Talisman Scan")
  curl -X POST "${DEFECTDOJO_URL}/api/v2/import-scan/" \
    -H "Authorization: Token $DEFECTDOJO_API_KEY" \
    -F "scan_type=Talisman Scan" \
    -F "engagement=$DEFECTDOJO_ENGAGEMENT_ID" \
    -F "file=@$REPORT"

  # Exit with a non-zero status code to indicate that the commit should be rejected
  exit 1
fi

# If talisman did not find any issues, exit with a zero status code
exit 0
```
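The same hook logic expressed in Python, as an added example that is not part of the DefectDojo documentation or the Talisman project. It parses the Talisman report, decides whether the commit should be rejected based on failure severity (warnings never block), and builds the multipart upload for DefectDojo's `/api/v2/import-scan/` endpoint with only the standard library. The sample report embedded below is constructed, and its layout (`results[].filename`, `results[].failure_list[].severity`) is an assumption about Talisman's output; `import_scan` needs a reachable DefectDojo instance and is not exercised offline.

```python
"""Gate a commit on a Talisman JSON report and ship it to DefectDojo.

Added example (not DefectDojo's or Talisman's own code). Assumptions:
the report layout of SAMPLE_REPORT below, and the DefectDojo endpoint
/api/v2/import-scan/ accepting scan_type "Talisman Scan" as a multipart upload.
"""
import json
import urllib.request
import uuid
from pathlib import Path

# Constructed sample in the shape Talisman writes to
# <reportDirectory>/talisman_reports/data/report.json (assumption).
SAMPLE_REPORT = {
    "results": [
        {
            "filename": "config/settings.py",
            "failure_list": [
                {"type": "filecontent", "severity": "high",
                 "message": "Potential secret pattern : AWS_SECRET_ACCESS_KEY"},
            ],
            "warning_list": [],
            "ignore_list": [],
        },
        {
            "filename": "README.md",
            "failure_list": [],
            "warning_list": [
                {"type": "filecontent", "severity": "low",
                 "message": "Potential secret pattern : password"},
            ],
            "ignore_list": [],
        },
    ],
}


def summarize_talisman_report(report: dict) -> dict:
    """Count failures per severity and collect the files that failed."""
    by_severity: dict = {}
    failed_files = []
    for entry in report.get("results", []):
        failures = entry.get("failure_list", [])
        if failures:
            failed_files.append(entry["filename"])
        for failure in failures:
            sev = failure.get("severity", "unknown").lower()
            by_severity[sev] = by_severity.get(sev, 0) + 1
    return {"by_severity": by_severity, "failed_files": failed_files,
            "total_failures": sum(by_severity.values())}


def should_reject(summary: dict, block_on=("high", "medium")) -> bool:
    """Reject the commit when any failure at a blocking severity is present.

    Only failure_list entries count; warning_list entries never block.
    """
    return any(summary["by_severity"].get(sev, 0) > 0 for sev in block_on)


def build_multipart(fields: dict, file_field: str, file_name: str,
                    file_bytes: bytes, boundary: str) -> tuple:
    """Encode form fields plus one file as multipart/form-data by hand,
    so the upload needs nothing beyond the standard library."""
    lines = []
    for name, value in fields.items():
        lines += [f"--{boundary}",
                  f'Content-Disposition: form-data; name="{name}"',
                  "", str(value)]
    lines += [f"--{boundary}",
              f'Content-Disposition: form-data; name="{file_field}"; '
              f'filename="{file_name}"',
              "Content-Type: application/json", ""]
    body = "\r\n".join(lines).encode() + b"\r\n" + file_bytes
    body += f"\r\n--{boundary}--\r\n".encode()
    return f"multipart/form-data; boundary={boundary}", body


def import_scan(base_url: str, api_key: str, engagement_id: int,
                report_path: str) -> int:
    """POST the report to DefectDojo's import-scan endpoint; return the HTTP status."""
    report_bytes = Path(report_path).read_bytes()
    fields = {"scan_type": "Talisman Scan", "engagement": engagement_id}
    content_type, body = build_multipart(
        fields, "file", "report.json", report_bytes, uuid.uuid4().hex)
    req = urllib.request.Request(
        f"{base_url.rstrip('/')}/api/v2/import-scan/", data=body, method="POST",
        headers={"Authorization": f"Token {api_key}", "Content-Type": content_type})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.status


if __name__ == "__main__":
    summary = summarize_talisman_report(SAMPLE_REPORT)
    print(json.dumps(summary, indent=2))
    print("reject commit:", should_reject(summary))
```

In a pre-commit hook you would load the real `report.json` instead of `SAMPLE_REPORT`, call `import_scan` when `should_reject` returns true, and exit non-zero; keeping the severity threshold in `should_reject` lets the team tune what blocks a commit without touching the upload code.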

Sample Scan Data

Sample Talisman scans can be found here.

Last modified February 5, 2024: Update versions (738dca4)