-
We'd like to improve the security of our application by scanning dependencies. The majority of tooling is only able to scan a Pom.xml file for dependencies to build up a BOM.
I have looked into this…
-
For some projects I am using multiple scanners (OWASP Dependency check and retire.js and possibly also nsp). I would like to have the ability to upload multiple BOMs and scans in one go. The total wou…
-
GitHub scanned the dependencies, found these problems:
https://github.com/Doctusoft/gcpimp/network/dependencies
Check and fix if valid.
-
Loading PuLID-Flux model.
!!! Exception during processing !!! 'PulidFluxModel' object has no attribute 'image_proj'
Traceback (most recent call last):
File "E:\ComfyUI\ComfyUI\execution.py", line…
-
Hello,
I wanted to propose the following idea which helps users to only scan modules which they have edited:
A new command (let's say) yireo_extensionchecker:scan:changed which scans every edite…
-
The [markupsafe constraint](https://github.com/sodadata/soda-core/blob/main/soda/core/setup.py#L11) requires a version that is 1.5 years old which conflicts with [airflow v2.6.2+ constraints](https://…
-
Problem
We see some dependencies that are considered as vulnerable by both Snyk and White-source scanning. I found out about this because our organization does the scanning after we clone the repo. K…
-
Running the tool with and without pyproject.toml makes no difference.
The tool seems to rely on the current virtualenv instead, which seems wrong because:
* the dev dependencies cannot be distingu…
-
## Expected Behavior
There is no CVE found in the `temporalio/admin-tools` image.
## Actual Behavior
There are **30** vulnerabilities found for image temporalio/admin-tools:1.23.0, including 7 hi…
-
### Issue type
Missing information
### Problem description
There are several ways of adding something into runtime classpath of the build script itself. This issue is about the following two:
1.…
rybak updated
7 months ago