prabhu

Results 476 issues of prabhu

Scan uses upload-sarif step with a directory called reports. If this directory happens to be empty (no results produced), then the upload step is failing as below: ``` Error: No...

**What's the problem this feature will solve?** Integrate [scan](https://slscan.io) with faraday by supporting [SARIF](https://slscan.io/en/latest/integrations/sarif/) format **Describe the solution you'd like** Native way of importing SARIF reports. Scan is a free...

Thank you for this library. While reviewing this project with ShiftLeft, I came across an insight pointing to this code https://github.com/peers/peerjs-server/blob/master/src/api/v1/calls/index.ts#L20 It appears like the payload object has no type,...

server

Thanks for this great project. ShiftLeft [scan](https://github.com/ShiftLeftSecurity/sast-scan) internally uses this tool for scanning Kubernetes configuration files. Scan uses an open standard format called [SARIF](https://slscan.io/en/latest/integrations/sarif/) for reporting and can automatically convert...

help wanted

Trying to invoke `build_library` with typescript results in a missing src/parser.c error. Is there any documentation on which languages are supported with the python binding?

Hi, This is a nice little project. However, as you might know, regexes are not that great for finding flaws. Would you consider rewriting this tool to use a data-flow...

Are the .sb versions still required for spotbugs compatibility? If yes, will you be able to upload the 7.4.7.sb version to maven central? For example, you can see them missing...

Trivy scan is reporting 1 critical and numerous high vulnerabilities against the official gcloud image. Please see attached [scan-result.json.txt](https://github.com/GoogleCloudPlatform/cloud-builders-community/files/3975793/scan-result.json.txt) Current reported critical issue: CVE-2019-3462 Please note: GCR's own scan is...

Scan version 2 is now in maintenance mode. Only critical fixes, if any, would be considered, with no new features planned. # What is the issue? Scan (formerly AppThreat sast-scan)...

Perhaps we create a separate docker image for android which bundles the required sdk. Currently, there is a lot of work required to scan android apps from source.