-
### Enhancement Request
With the current command structure, users and CI/CD integrations potentially need to run three `session login` (and `logout`) commands; they need to create an SC-SAST/SC-DAST …
-
**Describe the bug**
In version ` Gitlab SAST report will still be generated; but with no vulnerabilities.
In version `>=1.64.0`, when there is an error in Semgrep -> Gitlab SAST report will not be…
-
**Is your feature request related to a problem? Please describe.**
Dart and Flutter already use clang tidy to run several checks and perform static analysis and we would like to integrate their resul…
-
**Describe the bug**
This repo is using CodeQL for SAST scanning:
https://github.com/secureIO-GmbH/VulnerabilityHeatmap/actions/workflows/github-code-scanning/codeql
**Reproduction steps**
Ste…
-
In general, Snyk can also be set up locally, but it is preferable to add everything to CI
-
As part of the OpenSSF Best Practices badges, we need to add at least one SAST (Static Application Security Testing) tool.
We could take a look at https://semgrep.dev/ which provides both a free and "…
-
Any chance of making a State Trooper version? You did an excellent job with the sheriff.
-
**Is your feature request related to a problem? Please describe.**
I would like to start a discussion to add more options for SAST tools. As of now, 3 tools are checked in the SAST check - CodeQL, LG…
-
What would be the correct set of options to use for fcli sc-sast scan wait-for if I wanted to wait for a scan to be completely finished, uploaded and completely merged in with existing scan results? I…
-