-
Please enable CodeQL SAST scans and notifications by default on all GitHub repositories, like Dependabot. There are millions of projects with vulnerabilities that the owners and downstream users are u…
-
## Context
If an external artifact is a text artifact, a SARIF file will include an `artifactContent` object inside a `result.locations.region.snippet` property to:
- allow a SARIF viewer to present…
-
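## Simplify the project structure and consolidate the focus on events (event)
The old structure is too complex, with too much redundant design. For the sake of the project's future development, make the following changes:
1. Revise and remove the redundant designs from the early stage
2. Try new approaches to decouple the components from one another
3. Try removing quartz and integrating a more lightweight schedule system
4. Optimize the authentication system, integrating it with sast-link, etc.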
-
**Is your feature request related to a problem? Please describe.**
In some cases the maintainers seemed to perceive a clear differentiation with other security tools, like CodeQL and dependabot in a …
-
Would you be interested if I submit a PR to add the OpenSSF Scorecard github action?
https://github.com/ossf/scorecard
https://github.com/ossf/scorecard-action
Example from another project: htt…
wwuck updated
3 months ago
-
# Code Security Report
### Scan Metadata
**Latest Scan:** 2024-05-26 05:09am
**Total Findings:** 5 | **New Findings:** 0 | **Resolved Findings:** 0
**Tested Project Files:** 259
**Detected Programm…
-
Good afternoon. In the future, is it possible that neuvector can perform code analyses such as trivy and sonarqube and generate reports in an interface?
-
Imported from SourceForge on 2024-07-03 07:25:58
Created by **[mikeclarkson](https://sourceforge.net/u/mikeclarkson/)** on 2002-09-20 17:41:20
Original: https://sourceforge.net/p/maxima/bugs/131
---
…
-
Extract the 10 testability patterns for PHP that are more impactful for SAST tools.
- we can start with the results from the NDSS paper
- if possible re-measure SAST tools against the reviewed PHP pa…
-
Would the project maintainers be interested in a PR to add the [OpenSSF Scorecard](https://github.com/ossf/scorecard) [github action](https://github.com/ossf/scorecard-action) to the CI workflow? It …
wwuck updated
3 months ago