-
Hello
The app is not running with the last version of semgrep and prospector-html.
> semgrep scan --json --output semgrep-native-report.json --config=auto myapp
> prospector-html --input semg…
-
**Problem description**
Dojo Edit Finding from UI takes 50 seconds to complete. How can the performance be improved here?
The system has 10K engagements with 100K findings
**Steps to reproduce*…
-
Hello,
I am reviewing python SAST tools for GitHub.
This action no longer seems to work in its current version.
Please note that this tool is however still [shown/advertised](https://gith…
-
# Code Security Report
### Scan Metadata
**Latest Scan:** 2024-05-31 07:55pm
**Total Findings:** 16 | **New Findings:** 3 | **Resolved Findings:** 1
**Tested Project Files:** 22
**Detected Programm…
-
# Code Security Report
### Scan Metadata
**Latest Scan:** 2024-07-12 10:48am
**Total Findings:** 1 | **New Findings:** 0 | **Resolved Findings:** 0
**Tested Project Files:** 1
**Detected Programmin…
-
The following section Implementation/Secure Build/Build Process (Maturity Level 2) has the following line "Finally, add appropriate automated security checks (e.g. using SAST tools) in the pipeline to…
-
**Is your feature request related to a problem? Please describe.**
Even if this project might not be considered as critical in terms of security, hackers still may try to use it as an attack vector…
-
We are using Azure function .net SDK for writing httptrigger, timetrigger azure functions. When we ran the SAST scan using Checkmarx, we are getting the following two issues:
1. The web application's IWe…
-
My [current build workflow](https://github.com/mjpieters/SO-userscripts/blob/main/.github/workflows/build.yaml) clearly uses CodeQL steps:
```yaml
# Initializes the CodeQL tools for scanning…
```
-
better response? hide some internal stack traces...
```
$ semgrep scan --config auto
┌──── ○○○ ────┐
│ Semgrep CLI │
└─────────────┘
…
```