salus
Security scanner coordinator
Testing YarnAudit Auto Fix functionality.
Hello salus team, thank you for this great resource! An issue I noticed when testing on https://github.com/hMatoba/piexifjs salus.yaml has 'active_scanners: all' only, the scan errors out (see screenshot below) works...
test with
```yaml
reports:
  - uri: file://out.json
    format: autofix
```
Updated parsing of gradle dependencies using `reportDependencies` task. For this to work the users would need to update the root build.gradle to create a task which Salus will call during...
This PR still causes test failures and should not be merged, it is created to document my progress for future work
Added license detection for pypi packages. It curls `https://pypi.org/pypi/` to collect that information.
With regards to #627 This PR is intended to be a minimum viable scanner. It will correctly detect and scan Phoenix applications. Instructions for omitting false positives are found in...
npm auto fix spike. Use `AUTOFIX` in docker run.
```
docker run --rm --env AUTOFIX=true -t -v $(pwd):/home/repo salus-local
```
Example 👍 output
```
%docker run --rm --env AUTOFIX=true -t...
```