(fulfills https://www.mediawiki.org/wiki/Wikimedia_Engineering/2015-16_Q2_Goals#Security)
Can use Jenkins eventually (https://wiki.jenkins-ci.org/display/JENKINS/Veracode+Scanner+Plugin), but a script like https://github.com/OnLineStrategies/veracode-scripts/blob/master/submitToVeracode.py on cron will also work.