Antonino Sabetta
Select 10-20 CVEs (from project-KB data) and run prospector on them; document the outcome, discussing in particular why prospector was successful or unsuccessful in each example. Data here: https://github.com/SAP/project-kb/tree/vulnerability-data/statements These...
For example, CVE-2021-27582 states that version 1.3.3 is vulnerable, but that is the last available. In this case, the commit interval should be left "open" to the right (that is,...
For example: - https://www.variot.eu/2020/03/11/creation-of-iot-vulnerabilities-and-exploits-databases/
Take all developer-oriented instructions and guidelines out of the top-level (prospector) readme.md file. Add to that file the recommendation about how to write good tests (e.g. no implicit type casts...
This could be a simple page where one can enter (some of) the basic input parameters of the `client.cli.prospector()` function and submit the corresponding "search" job to the backend. The...
It is common for "important" commits to be back-ported to other branches; in particular, security fixes can often be found replicated across a number of branches, so this characteristic can...
For details please see our wiki page at https://wiki.wdf.sap.corp/wiki/display/ospodocs/Repository+Linter+Findings#RepositoryLinterFindings-Readme(rl-readme_file-XX)
For details please see our wiki page at https://wiki.wdf.sap.corp/wiki/display/ospodocs/Repository+Linter+Findings#RepositoryLinterFindings-Contributions(rl-contributor_file-XX)
Right now this is achieved with the bash script generated by `kaybee export -t steady-with-changed-source-code` but it's more logical to allow the user to achieve the same with something like:...