-
Run rsdmike/github-security-report-action@v3.0.4
with:
token: ***
sarifReportDir: ../results
outputDir: /home/deploy/actions-runner/xxxx
repository: xx/xxx
template: summar…
-
### 🐛 Describe the bug
I got an ```OnnxExporterError``` trying to export a PyTorch model using ```dynamo_export```. See below:
```
Traceback (most recent call last):
File "/Users/albasaco/Deskto…
-
The Static Analysis Results Interchange Format ([SARIF](https://sarifweb.azurewebsites.net/)) is an industry standard format for the output of static analysis tools. Github supports SARIF format and a…
-
I want to implement Trivy Github Action on a repo that contains multiple variants of a container image. The idea is that I am running a workflow for each version, like:
- Workflow 1 will build …
-
I noticed that the full rule description is not included in the SARIF report. I know that it was briefly included (in https://github.com/spotbugs/spotbugs/pull/1184) and then removed again in https://…
-
Hi, is it in the roadmap to make cspell provide [SARIF](https://sarifweb.azurewebsites.net/) output ? (SARIF is the OASIS common format for all analysis tools )
It would help improve its [integrati…
-
### 🐛 Describe the bug
I am getting an error trying to export a model with multiple inputs and outputs.
```python
dummy_input = torch.randn(
1, 100, 400
).to(device)
dummy_layer_one_ma…
-
I'm not sure how best to contact the SARIF community (the "Ask a Question" link takes me to this issue tracker), but here's a heads-up that I've implemented SARIF output support for GCC trunk, for GCC…
-
## Description
The SARIF reports generated by FindSecurityBugs do not contain the [Common Weakness Enumeration (CWE)](https://cwe.mitre.org/) taxonomy from MITRE.
Adding the CWE Taxonomies into …
-
## Overview
GitHub allows us to post comments with suggestions to a pull request. As far as I am concerned, the current implementation of the GitHub Action scans all files no matter what file we chan…