-
**Problem description**
Dojo Edit Finding from UI takes 50 seconds to complete. How can the performance be improved here?
The system has 10K engagements with 100K findings
**Steps to reproduce*…
-
Hi hi again :3
Now I test the fast mode and accurate mode. While the first one works great, the accurate mode closes the app when we try to run it, so to get the log, I run it from ```backend/main.p…
latot updated
2 years ago
-
# WhiteSource SAST Security Report
Latest Scan: 2022-03-02 07:30pm
**New Findings:** 2
**Fixed Findings:** 1
**Total Findings:** 6
**Tested Project Files:** 1'458
**Detected Programmi…
-
### Request Description
OSV.dev is asking future additions to https://github.com/google/osv.dev?tab=readme-ov-file#third-party-tools-and-integrations to consider [adopting OpenSSF Scorecard](https://…
-
There are great metrics for software health provided by CHAOSS: https://chaoss.community/kbtopic/software/. It would be brilliant to use some of these if it is possible to query on those for a given r…
-
We are using the Azure Functions .NET SDK for writing httptrigger and timetrigger Azure functions. When we ran the SAST scan using Checkmarx, we are getting the following two issues:
1. The web application's IWe…
-
See https://github.com/ossf/scorecard/issues/1031#issuecomment-969117938
(Additional long-term improvements are in https://github.com/ossf/scorecard/issues/966#issuecomment-915598041)
We would lik…
-
**Describe the bug**
Semgrep fails with exit code 2 on GitLab Merge Request if '--no-suppress-errors' is set and there are no files to scan.
**To Reproduce**
Create a merge request in GitLab.
Ma…
-
### Enhancement Request
There have been various requests for improving the fcli documentation, both around documentation structure/format, and adding additional content.
Regarding structure/form…
-
If I run sast-scan on my project:
```
docker run --rm \
-e "SCAN_DEBUG_MODE=debug" \
-e "VDB_HOME=/db" \
-e "GITHUB_TOKEN=${GITHUB_TOKEN}" \
-e "WORKSPACE=${PWD}" \
-v /tm…