frogbot
frogbot copied to clipboard
🐸 Scans your Git repository with JFrog Xray for security vulnerabilities. 🤖
Will be awesome to have support for SBT packet management https://www.scala-sbt.org/index.html. Is this in the plans? We are using this very actively. Thanks guys!
### Describe the bug Running `frogbot scan-pull-request` in GitLab ci job ends with an error. The issue is related to using the Gradle Artifactory plugin. The same issue happens with...
**Is your feature request related to a problem? Please describe.** In a brand new repo, it is initialized with no package manager configuration. e.g. ``` $ git status On branch...
Hi, I tried to run frogbot on my poetry project (see https://github.com/joergsesterhenn/py-tic-tac-toe/actions/runs/3285427920/jobs/5412508082 ). I got this error message: ` /opt/hostedtoolcache/frogbot/[RELEASE]/x64/frogbot scan-pull-request 22:30:30 [Info] Running Frogbot "scan-pull-request" command 22:30:30 [Info] Auditing...
**Is your feature request related to a problem? Please describe.** I would like to be able to pass a maven option on-the-fly e.g. `-DdisableX=true` (currently our builds try and extract...
### Describe the bug We just tried installing frogbot and running it in our repository, it finds several go.mod files in subdirectories and reports vulnerabilities just fine. However, it then...
Using Artifactory remote repository JF_RELEASES_REPO produces an invalid URL: ``` https://artifactory.company.com/artifactory/myrepo/artifactory/frogbot/v2/[RELEASE]/frogbot-linux-amd64/frogbot ``` _twice artifactory keyword and two repositories name in the URL_ The fix includes a modification of the the...
Hello Team, Do you have any plans to allow OIDC authentication for frogbot instead of using an access token? https://jfrog.com/blog/secure-access-development-jfrog-github-oidc/ Thanks, Adi
Hi Team, I am trying to automate frogbot scan on my organization using azure pipeline when a PR is raised. inputs: script: | getFrogbotScriptPath=$(if [ -z "$JF_RELEASES_REPO" ]; then echo...
[comment]: (FrogbotReviewComment) [![🚨 This automated pull request was created by Frogbot and fixes the below:](https://raw.githubusercontent.com/jfrog/frogbot/master/resources/v2/vulnerabilitiesFixBannerPR.png)](https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot) ## 📦 Vulnerable Dependencies ### ✍️ Summary | SEVERITY | DIRECT DEPENDENCIES | IMPACTED DEPENDENCY...