-
### Describe the User Story
As a security-minded engineer,
so that the code is more secure,
I want to have SAST in a CI workflow
### Acceptance Criteria
There is a SAST scanner in the CI workfl…
-
# The Bridge Between People and Code: Let's Talk About SAST · LoRexxar's Blog
[https://lorexxar.cn/2023/12/18/sast2024/](https://lorexxar.cn/2023/12/18/sast2024/)
-
**Describe what change you would like** :
It would be good to have a section on static analysis in the implementation section, and add semgrep to the new section
**Context** :
Section: 07-imp…
-
**Describe the bug**
In version ` Gitlab SAST report will still be generated; but with no vulnerabilities.
In version `>=1.64.0`, when there is an error in Semgrep -> Gitlab SAST report will not be…
-
See details [here](https://examplesasttool.com/app/issue/38572946895)
-
Context: https://github.com/google/brotli/security/code-scanning/4
Quick view on actions panel reveals that report is not true: https://github.com/google/brotli/actions/workflows/codeql.yml?query=bra…
-
### Describe the bug
If the repo contains Python code with pip dependencies, xRay CLI fails to build the dependency tree.
### Current behavior
$ jf audit
```
16:18:26 [Debug] JFrog CLI version: 2.70.0
1…
```
-
## **Goal**:
Test the suitability of GitHub CodeQL as Mojaloop's static application security testing (SAST) tool.
Static application security testing (SAST), or static analysis, is a testing meth…
-
We could extend the advisor's capabilities for static code analysis, esp. with a focus on security, like with any of these (alphabetical order):
- [Bearer](https://github.com/bearer/bearer)
- [Ecl…
-
Create a ToDo Application using the STUDENT App Catalog group in C#