-
_This issue was automatically created by [Allstar](https://github.com/ossf/allstar/) and refers to [jeffmendoza-test-org/test-repo](https://github.com/jeffmendoza-test-org/test-repo)._
**Security Pol…
-
Hi,
I'm running into an issue while trying to scan my project for a CASA Tier 2 assessment.
SAST and SCA scans are working fine but the APK scan is not.
I'm using the latest docker image on Mac OS.
…
-
The [OpenSSF Scorecard](https://scorecard.dev/) defines a set of checks for good practices regarding security of open source projects. There is a tool to automatically check these via a GitHub action.…
-
### Current Behavior:
Use default quickstart from https://docs.dependencytrack.org/getting-started/deploy-docker/
```bash
# Downloads the latest Docker Compose file
curl -LO https://dependencytrack.org…
```
-
**Describe the bug**
In version ` Gitlab SAST report will still be generated; but with no vulnerabilities.
In version `>=1.64.0`, when there is an error in Semgrep -> Gitlab SAST report will not be…
-
I'm using Hardhat to fork the mainnet and run unit tests for my API calls, and I got an issue when testing the function
```javascript
export async function getLoanTokenSupplied(
  publicClient: Public…
```
-
sudo docker run -t \
-e project_name=java_benchamark -e environment=master \
-v /tmp/scan-config.yaml:/tmp/scan-config.yaml \
-v /tmp/reports:/tmp/reports \
-v /home/ub…
-
**Minimal .gitlab-ci.yml illustrating the issue**
```yml
include:
  - project: to-be-continuous/golang
    ref: 4.0.0
    file: templates/gitlab-ci-golang.yml
  - project: to-be-continuous/docke…
```
-
It would be nice to have some sort of security scanning functionality in CI to try to catch any security problems.
## SCA / Dependency scanning
- Snyk? (sketchy PNPM support?)
- [OWASP Dependen…