-
### Steps to Reproduce
1. Run Prowler as per the instructions here https://github.com/prowler-cloud/prowler/tree/master/contrib/aws/multi-account-securityhub.
### Expected behavior
Prowler s…
-
### Describe the bug
Hey,
I'm trying to publish build infos for my python3.11 project to Artifactory, but get an error at the `jf rt bp` step:
```
[project-pipeline_develop] $ jf rt bp
15:37:05 [De…
```
-
## Bug description
When using the [pip-tools workflow for layered requirements](https://github.com/jazzband/pip-tools#workflow-for-layered-requirements), pip-audit fails because of duplicate requirements.…
-
pip-audit looks for vulnerabilities in pip packages.
Overall, it would keep the project more secure.
https://github.com/pypa/pip-audit#github-actions
https://github.com/marketplace/actions/gh-acti…
-
### Pre-submission checks
- [X] I am **not** reporting a new vulnerability or requesting a new vulnerability identifier. These **must** be reported or managed via upstream dependency sources or servi…
-
**Is your feature request related to a problem? Please describe.**
We would like to be able to see the severity of vulnerabilities detected, and ideally filter them out based on being above/below a…
-
This was just a random thought I had: some users might want to integrate the results of this action's workflow run(s) into other alerting systems, like a Slack channel.
Supporting every possible in…
-
/cc @sethmlarson who I briefly mentioned this to at PyCon US 2024
The current process is documented at
https://pip.pypa.io/en/stable/development/release-process/
The idea here would be to autom…
-
https://github.com/trailofbits/gh-action-pip-audit/releases/tag/v1.0.0
Worth considering as a SAST tool.
Wdyt?
-
## Bug description
Duplicate entries (with extras) in a requirements file cause an error when auditing if using the `--disable-pip` option.
This is closely related to #564 (but I would say that …