-
Now that there's a proposal for https://github.com/zaproxy/zap-extensions/pull/4078, can we reactivate the Sarif export ask? This would make the action safer so sarif reported issues remain hidden to …
-
Since advanced security is very expensive, it would be nice to follow something like the renovatebot dashboard as a github issue and create an OpenSSF scorecard dashboard as a github issue. Once the i…
-
### What happened?
We're getting errors on every pull request of any type for dependancies.
An unexpected exception was encountered while performing policy checks. Please report this to https://gi…
-
**Is your feature request related to a problem? Please describe.**
The field `secretKey` is triggering a security finding from both GitHub Advanced Security and KICS scanning.
![image](https://git…
-
### Expected Behavior
If the 'security_and_analysis' block is either unset, unchanged, or ignored by Terraform by using the `ignore_changes` list in the `lifecycle` block of a `github_repository`, th…
fushi updated
4 weeks ago
-
### Description
The Code QL analysis workflow keeps failing.
### Additional Information
Could be related to:
https://github.com/Azure/azure-functions-dotnet-worker/issues/2601
It could be an idea t…
-
Create a manual build command for CodeQL to run in the FBPGo repo
Acceptance Criteria
- [ ] Code QL runs without error
Additional Context
- https://docs.github.com/en/enterprise-server@3.13/co…
-
### Problem
We are managing all our company repos via terraform and some of them have github advanced security feature enabled. Last month more people joined the company, and we started using a few m…
-
## Description
A lot of work has been implemented in 8.15 to add the new Notes functionality (see https://github.com/elastic/security-team/issues/9605 and https://github.com/elastic/security-team/iss…
-
```
customHTMLFiles: false # enable to have files placed in /customFiles/templates override the existing template html files
```
Can you give me a detailed explanation of how to mount after this …