Lars
## Scenario A Specific Package gets Compromised (_such as xz-util_), now you want to check if any repository in your organization even uses this package and if so, what version...
I read an interesting blogpost by edera.dev about [Abandonware](https://edera.dev/stories/tarmageddon) > While the active forks have been [successfully patched](https://github.com/edera-dev/cve-tarmageddon/tree/main/patches) (see also [Astral Security Advisory](https://github.com/astral-sh/tokio-tar/security/advisories/GHSA-j5gw-2vrg-8fgx)), this disclosure highlights a major systemic challenge:...
https://uptrace.dev/glossary/context-deadline-exceeded Applies for Container Scanning and SCA this results in the pipelines always failing
This is very cluttered and it doesnt show where to find the reporter role
probably of new router mechanic
this might be semgreps fault since its detecting the char sequence as a token or secret?
I was trying to copy the sarif of another repository from devguard.
just click on the card and continue