refoo0

Results: 23 issues by refoo0

I do not really like the wording "affected_component". Usually we are talking about a **range** of affected components rather than a single one, which the wording suggests.

bug

We should include GitHub base scores if there is currently no base score from NIST available. Example: https://nvd.nist.gov/vuln/detail/CVE-2024-34351 https://github.com/vercel/next.js/security/advisories/GHSA-fr5h-rqp8-mj6g

bug
component/devguard-api

**Is your feature request related to a problem? Please describe.** A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] **Describe the solution you'd...

feature-request

Check if the apiUrl ends with a "/"; if it does, remove it from the URL. main: 467 `req, err := http.NewRequestWithContext(ctx, "POST", apiUrl+"/api/v1/scan", file)`

bug
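One way to handle the trailing slash described in this issue, written here as an added example rather than DevGuard's own code: the base URL is trimmed and validated once, so joining `/api/v1/scan` can never produce `//`, and a value that is not an absolute http(s) URL is rejected up front instead of failing later with a less helpful transport error. The function and variable names are this example's own; only the `/api/v1/scan` path and the `apiUrl` idea come from the issue.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// scanPath is the path the scanner posts to, as quoted in the issue.
const scanPath = "/api/v1/scan"

// normalizeAPIURL strips surrounding whitespace and any number of trailing
// slashes from a configured base URL and checks that what remains is an
// absolute http(s) URL. Returning an error here gives the user a message that
// names the bad value instead of a later "connection refused" or 404.
func normalizeAPIURL(apiURL string) (string, error) {
	trimmed := strings.TrimRight(strings.TrimSpace(apiURL), "/")
	u, err := url.Parse(trimmed)
	if err != nil {
		return "", fmt.Errorf("invalid api url %q: %w", apiURL, err)
	}
	if (u.Scheme != "http" && u.Scheme != "https") || u.Host == "" {
		return "", fmt.Errorf("invalid api url %q: expected an absolute http(s) URL", apiURL)
	}
	return u.String(), nil
}

// scanEndpoint builds the full scan URL from a base that may or may not end
// in "/". Every accepted input yields exactly one "/" before the path.
func scanEndpoint(apiURL string) (string, error) {
	base, err := normalizeAPIURL(apiURL)
	if err != nil {
		return "", err
	}
	return base + scanPath, nil
}

func main() {
	// Constructed sample inputs: the last one lacks a scheme and is rejected.
	inputs := []string{
		"https://api.example.test",
		"https://api.example.test/",
		"https://api.example.test///",
		"api.example.test/",
	}
	for _, in := range inputs {
		out, err := scanEndpoint(in)
		fmt.Printf("%-30q -> %q err=%v\n", in, out, err)
	}
}
```

On Go 1.19 and later, `url.JoinPath(base, "api/v1/scan")` also normalizes duplicate slashes; the explicit trim above is shown because it works on older toolchains and makes the rule visible in the error path.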

Improve Error Message for Invalid Token in devguard-scanner. Now:

```text
devguard-scanner/main.go:548 software composition analysis failed err="could not parse hexPrivKey
could not sign request
main.init.0.func2.scaCommandFactory.1
	/app/cmd/devguard-scanner/main.go:474
main.init.0.func2
	/app/cmd/devguard-scanner/main.go:546
github.com/spf13/cobra.(*Command).execute
	/go/pkg/mod/github.com/spf13/[email protected]/command.go:989
github.com/spf13/cobra.(*Command).ExecuteC
	/go/pkg/mod/github.com/spf13/[email protected]/command.go:1117
github.com/spf13/cobra.(*Command).Execute
	/go/pkg/mod/github.com/spf13/[email protected]/command.go:1041
main.Execute
	/app/cmd/devguard-scanner/main.go:55
main.main
	/app/cmd/devguard-scanner/main.go:587
runtime.main
	/usr/local/go/src/runtime/proc.go:272
runtime.goexit
	/usr/local/go/src/runtime/asm_amd64.s:1700"
```

improvement
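The output above tells the user that "hexPrivKey" could not be parsed and then prints a stack trace, but not what was wrong with the token or what to do. The following is an added example of the validation and error shape that would produce a useful message; it is not DevGuard's code. The `--token` flag name, the `DEVGUARD_TOKEN` variable and the 32-byte key length are assumptions for the example.

```go
package main

import (
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// ErrInvalidToken is a sentinel so callers can recognise a bad credential
// with errors.Is and choose an exit code, instead of matching message text.
var ErrInvalidToken = errors.New("invalid token")

// keyLen is the raw length expected after hex decoding. 32 bytes (a 256-bit
// private scalar) is an assumption for this example, not DevGuard's rule.
const keyLen = 32

// parseHexPrivKey validates a hex-encoded private key supplied as the token.
// Each failure names the actual problem (empty, not hex, wrong length) and,
// where possible, the fix, so the CLI never has to print "could not parse".
func parseHexPrivKey(token string) ([]byte, error) {
	token = strings.TrimSpace(token)
	if token == "" {
		return nil, fmt.Errorf("%w: token is empty; pass --token or set DEVGUARD_TOKEN (names assumed for this example)", ErrInvalidToken)
	}
	raw, err := hex.DecodeString(strings.TrimPrefix(token, "0x"))
	if err != nil {
		return nil, fmt.Errorf("%w: expected a hex string but got %d characters that are not all hex digits (%v)", ErrInvalidToken, len(token), err)
	}
	if len(raw) != keyLen {
		return nil, fmt.Errorf("%w: decoded key is %d bytes, expected %d", ErrInvalidToken, len(raw), keyLen)
	}
	return raw, nil
}

// exitCodeFor maps an error to a process exit status: 2 for a usage or
// configuration mistake the user can fix locally, 1 for anything else.
// The wrapped chain and any stack trace belong in verbose output only.
func exitCodeFor(err error) int {
	if errors.Is(err, ErrInvalidToken) {
		return 2
	}
	return 1
}

func main() {
	// Constructed inputs: valid, not hex, and hex of the wrong length.
	for _, tok := range []string{"0x" + strings.Repeat("ab", keyLen), "not-hex", "abcd", ""} {
		if _, err := parseHexPrivKey(tok); err != nil {
			fmt.Printf("software composition analysis failed: %v (exit %d)\n", err, exitCodeFor(err))
			continue
		}
		fmt.Printf("token %q ok\n", tok[:8]+"...")
	}
}
```

The single-line message is what the user sees by default; the stack trace from the issue would only be printed behind a verbose flag, since it carries no information the user can act on.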

When using the GitLab CI/CD documentation:

- The pictures are small; maybe we could add an option to click on the picture to expand it.
- If the text in fields...

bug

The following warning is generated in the pipeline: `devguard-scanner/main.go:430 could not initialize config err="open .env: no such file or directory"`, which can be a bit confusing since the file is...

bug

First-party vulnerabilities do not have a raw risk assessment, resulting in a default value of 0. This leads to the automatic assignment of low-severity labels, which may not accurately reflect...

bug
component/devguard-api
sarif-scan
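The root of the mislabeling described in this issue is that "no assessment" and "assessed as 0" collapse into the same number. The following is an added example, not DevGuard's code, contrasting a labeler that takes a plain `float64` (so a missing value defaults to 0 and becomes "low") with one that carries the absence explicitly and returns a separate "unrated" label. The thresholds, the CVSS-like 0 to 10 scale and the type names are assumptions for the example.

```go
package main

import "fmt"

// Vulnerability carries a raw risk score as a pointer so that "not assessed"
// (nil) is distinguishable from "assessed as 0.0", which a bare float cannot do.
type Vulnerability struct {
	ID      string
	RawRisk *float64 // nil for first-party findings with no assessment
}

// naiveLabel is the problematic form: a caller with no assessment has to pass
// some number, and the zero default silently lands in the lowest bucket.
func naiveLabel(rawRisk float64) string {
	return bucket(rawRisk)
}

// severityLabel is the corrected form: a missing assessment gets its own
// label instead of being scored as if it were harmless.
func severityLabel(v Vulnerability) string {
	if v.RawRisk == nil {
		return "unrated"
	}
	return bucket(*v.RawRisk)
}

// bucket maps a score to a label. Thresholds are assumed for this example.
func bucket(r float64) string {
	switch {
	case r >= 9.0:
		return "critical"
	case r >= 7.0:
		return "high"
	case r >= 4.0:
		return "medium"
	default:
		return "low"
	}
}

// ptr is a small helper to build assessed scores in the sample data.
func ptr(x float64) *float64 { return &x }

func main() {
	// Constructed sample findings: one first-party finding without a score,
	// one that was genuinely assessed as 0, and one third-party CVE.
	findings := []Vulnerability{
		{ID: "sarif-rule-42"},
		{ID: "informational-1", RawRisk: ptr(0)},
		{ID: "CVE-2024-34351", RawRisk: ptr(7.5)},
	}
	for _, v := range findings {
		fmt.Printf("%-16s %s\n", v.ID, severityLabel(v))
	}
	// The naive path cannot express "unknown" and reports "low" instead.
	fmt.Println("naive default for a missing score:", naiveLabel(0))
}
```

Whether a ticketing integration should skip "unrated" findings or open them with a distinct label is a policy choice; the point of the pointer is that the choice is made deliberately rather than by the zero value.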