-
### Description
> Scorecard is an automated tool that assesses a number of important heuristics [("checks")](https://github.com/ossf/scorecard#scorecard-checks) associated with software security an…
-
-
**Is your feature request related to a problem? Please describe.**
Dart and Flutter already use clang tidy to run several checks and perform static analysis and we would like to integrate their resul…
-
acme.sh version 3.0.8
In reference to [this issue](https://github.com/acmesh-official/acme.sh/issues/2550#issuecomment-2297201339), here is the debug log
```
[Wed Aug 21 11:54:24 SAST 2024] Found…
```
-
Design an events section where upcoming SAST events can be listed. This section should be easy to update with new event information.
-
My commands:
`codeql database analyze test C:\sast\codeql-main\csharp\ql\test\shared\PrintAst.ql --format=dot --output=result1.dot`
Then I try to print it with Graphviz:
`dot -Tps result1.dot\cs…
-
In practice, the byte and Byte types in code are unlikely to be exploited to trigger a vulnerability, so why are they treated as taint?
-
sudo docker run -t \
-e project_name=java_benchamark -e environment=master \
-v /tmp/scan-config.yaml:/tmp/scan-config.yaml \
-v /tmp/reports:/tmp/reports \
-v /home/ub…
-
We could extend the advisor's capabilities for static code analysis, esp. with a focus on security, like with any of these (alphabetical order):
- [Bearer](https://github.com/bearer/bearer)
- [Eclips…
-
### Enhancement Request
The native `scancentral` CLI supports specifying either `SSC_URL` or the SCSAST Controller URL (henceforth `SCSAST_URL`).
Currently, if `SSC_URL` is specified in the native `sc…