Integrate Detekt with Vulnetix. Analyze Kotlin code for code smells, complexity, and potential issues with SARIF output.
KotlinCLI toolSARIF
Install & scan
$ // build.gradle.kts
plugins {
id("io.gitlab.arturbosch.detekt") version "1.23.7"
}
$ // In build.gradle.kts — enable SARIF reports
detekt {
reports {
sarif.required.set(true)
}
}
// Then run: ./gradlew detekt
Run Detekt in CI
Scan on every push and upload the results to Vulnetix:
- name: Run Detekt run: ./gradlew detekt - name: Upload to Vulnetix run: vulnetix upload --file build/reports/detekt/detekt.sarif
Centralise Detekt results in Vulnetix
Upload Detekt SARIF output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.