-
**Describe the bug**
I ran ApplicationInspector against the dependabot-core repo, and it crashed with a stackoverflow exception.
**To Reproduce**
Steps to reproduce the behavior:
1. git clone https:…
-
### Version
2.0.1
### Current Behavior
I'm testing Monokle GHA and it does create a SARIF file.
But when using `sarif-to-comment-action` I'm getting the error `jq: error (at monokle-1707485394343.sa…
-
### 🐛 Describe the bug
Hi,
I have an issue while exporting torchaudio Spectrogram with torch.onnx.dynamo_export. There seems to be an issue with torch.jit.isinstance which is used to check if the p…
-
## Expected Behavior
SARIF report should only include active rules
https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html#_Ref3899090
## Observed Behavior
SARIF report does not include…
-
It would be really helpful if gitlint would optionally generate a junit or [SARIF](https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html) report. It acts like any other static analysis repo…
-
Hi, I added the Microsoft Security DevOps task and installed SARIF SAST Scans Tab. I can see the artifacts that are getting generated with the extension msdo.sarif, but I am not seeing any output in the Scan…
-
**Describe the issue**
regarding: SARIF output
current: When scanning a Terraform plan (with --repo-root-for-plan-enrichment enabled) the SARIF results (physicalLocation) point to the plan file.
ex…
PIfM1 updated
2 months ago
-
SARIF support was recently added (#33, #4), adding a new output format to Nosey Parker's `report` command. This support is preliminary, but good enough that viewers like the [VSCode SARIF plugin](http…
-
Context: it's a private repo
workflow:
```yaml
name: diktat
on: push
jobs:
  diktat_check:
    name: 'diKTat Check'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
…
```