-
### Is your feature request related to a problem? Please describe.
A static code analysis tool could alert us quicker on things like circular dependencies, syntax errors, code quality, and best pra…
-
### Current Behavior
**Issue**
We are encountering intermittent 404 errors while making API calls in FCLI to poll for Fortify scan results. Here is a concise overview of our scan process.
- Aut…
-
As part of the OpenSSF Best Practices badges, we need to add at least one SAST (Static Application Security Testing) tool.
We could take a look at https://semgrep.dev/ which provides both a free and "…
-
### Current Behavior
At least the `fcli fod sast-scan setup` but possibly also some of the `setup` commands for other scan types don't have proper default table output columns configured, resulting…
-
Any chance of making a State Trooper version? You did an excellent job with the sheriff.
-
# Code Security Report
### Scan Metadata
**Latest Scan:** 2024-08-29 12:37am
**Total Findings:** 4 | **New Findings:** 2 | **Resolved Findings:** 5
**Tested Project Files:** 19
**Detected Programmi…
-
**Is your feature request related to a problem? Please describe.**
Dart and Flutter already use clang tidy to run several checks and perform static analysis and we would like to integrate their resul…
-
### Enhancement Request
If the entitlement associated with an existing scan setup is deactivated (usually because it was replaced with a new entitlement), the `fcli fod sast-scan start` (and possib…
-