Stefan Fleckenstein
Stefan Fleckenstein
Reopening because it is not fixed yet
It definitely works without rebuilding the docker files. I have set the configuration for Azure AD while deploying the Helm chart and it works as expected.
I don't see why the `unique_id_from_tool` is set in this parser. As @Maffooch said, this field should be set with a unique id that comes from the tool and you...
Hi @dvelardez, thanks for the change, can you please provide a unit test as well?
The SARIF output is syntactically correct, the SARIF file is allowed to have multiple `physicalLocation` objects per `result`. That's why the tools says the file is valid. But the specification...
Thanks for your quick response! I found the `references` in the yaml files of the PyPA advisory DB, e.g. https://github.com/pypa/advisory-db/blob/8aa52f490ff7a87026814b5634808f5824d4018a/vulns/aiohttp-session/PYSEC-2018-35.yaml#L41. Don't know how they are called in their JSON response.
How do you query the API? Using ``` curl -X POST -d \ '{"version": "2.6.0", "package": {"name": "aiohttp-session", "ecosystem": "PyPI"}}' \ "https://api.osv.dev/v1/query" ``` I get this result, including the references:...
Of course the fix versions are already there, my fault. Having the `aliases` and the `link` would already be a great start.
Working on it, but may take a while
released with https://github.com/MaibornWolff/SecObserve/releases/tag/v1.15.0