Chelsea Boling

Results 18 comments of Chelsea Boling

Looking forward to https://github.com/DependencyTrack/dependency-track/issues/3218 as this will help me understand formatting issues of SBOMs 🚀

For secret scanning, I'm giving this one another review before approving and merging: https://github.com/github/codescanning-jira-integration/pull/7
For Dependabot, unfortunately we currently delete resolved alerts on our end, so it would be a...

The secret scanning PR has been thoroughly tested. I'll try to get other feedback this week so it can be merged asap!

Resolved Dependabot alerts are still not retained, but there are ways to sync the actual security/updates: https://github.com/namin2/dependabot_jira

Howdy @mario-campos!! In the case of Dependabot, I don't see any issues with syncing the Dependabot alerts, but when it comes to having a clear source of truth, it may...

I also changed the title since we already got the secret scanning stuff merged 😄

The README was updated to reflect this issue. According to the list endpoint, you must be an admin of the repo/org and the token must have the security scope. https://docs.github.com/en/rest/reference/secret-scanning#list-secret-scanning-alerts-for-a-repository...

Ok I can clear up the docs, no problem! @roimor are you an admin of the repo that you're testing? If there's someone on your team who is an org...

What are some issue types that you work with?