-
### Current Behavior
Dependency-Track v4.7.0 introduced Beta support for Snyk Analyser.
This requires configuration of `Organization ID` and `API token`, as well as `API Version`
I thought I h…
-
Snyk found a vulnerability in this repo that allows for command injection, so it is high severity.
Unfortunately, there isn't an immediately PR-able fix for it via Snyk so more investigation on our…
-
Hi,
I was interested in using the `webdevops/php-nginx` container in production but when scanned with `docker scan`, it reports a number of vulnerabilities present: "Tested 311 dependencies for kn…
-
On [https://github.com/KasparEtter/ef1p/blob/main/pages/email/email.md](url)
When you say `Webmail has the advantage that you always run the newest version of the code, which is sandboxed from the …
-
Hi, recently I'm seeing the following error when running the `upload-sarif@v3` GH action.
Example failure: https://github.com/cloudnative-pg/postgres-containers/actions/runs/8196632252/job/224172602…
-
**Is your feature request related to a problem? Please describe.**
I want to run X-Ray scans without depending on either Artifactory or GitHub Actions.
**Describe the solution you'd like to see**
P…
-
When I go to take the first step in the readme, the command fails because the package is not found.
```% npm install snyk-issues-to-html -g
npm notice
npm notice New minor version of npm avail…
-
Detailed paths
Introduced through: Podfile@0.0.0 › RNFastImage@8.6.3 › SDWebImageWebPCoder@0.8.5 › libwebp@1.2.4
Security information
Factors contributing to the scoring:
Snyk: [CVSS 7.5](https://…
-
### Current Behavior
The API used for Snyk Integration in DT v4.7.0 is versioned and fast-evolving. The `SCANNER_SNYK_API_VERSION` has updated twice even during the development of 4.7.0.
The conf…
-
**Describe the bug**
A third-party-extension security rater (similar to Snyk) has given this repo's VS Code Extension a "medium" threat level due to:
> Publisher didn't verify their listed domain ow…