-
**Is your feature request related to a problem? Please describe.**
As part of the OpenSSF badge, static code checking should be fully covered. While `govulncheck` is already present, more is needed…
-
I read the paper with great interest. I looked for it because it said that the implementation was publicly available, and I found this repository. When I actually used it, the behavior was different f…
-
### Detailed description
Implementing the CICD pipeline for automating the build, test, and deployment of the application.
### Context
Add Jenkinsfile for CICD, as it is an efficient way to m…
-
## Formulate the process
- [ ] Time estimation
- [ ] Define Priorities
- [ ] Formalize acceptance of:
- [ ] Have a Feature Acceptance committee
- [ ] Internal features
- [ ] Open Sources
…
-
**Describe what change you would like** :
It would be good to have a section on static analysis in the implementation section, and add semgrep to the new section
**Context** :
Section: 07-imp…
-
- document how to use sceptre to run a static analysis on our cloudformation templates for any errors
- document how to use sceptre to generate a change set as well as a changeset workflow
- look in…
-
For the Open PR Comments project for Sentry, I would like to know what functions have been modified through a PR diff. I believe Static Analysis currently supports extracting the changed lines on the …
-
While reviewing static analysis reports on some CheriBSD ports, I came across this [code](https://github.com/CTSRD-CHERI/chericat/blob/a69d6b8af9c325a861fe5d438f3b7eb34dfaa187/src/mem_scan.c#L289C1-L3…
-
We should perform some static analysis and content structure validation in files in this repository. In ideal case this would allow us to prevent issues like this red-hat-data-services/odh-manifests#5…
-
[scan-build](http://clang-analyzer.llvm.org/scan-build.html) is a really cool static analysis tool put together by the clang team. I decided to give it a try on the master branch of daala and it claim…