Remove CRITICAL false positives for popular open-source projects

chainguard-dev / bincapz

detect malicious program behaviors

Apache License 2.0

378 stars 24 forks source link

Open tstromberg opened 1 month ago

tstromberg commented 1 month ago

We're using Wolfi as a benchmark open-source repo. There are a dozen or so CRITICAL false positives that exist, mainly relating to Python code.

imjasonh commented 3 weeks ago

We're using Wolfi as a benchmark open-source repo. There are a dozen or so CRITICAL false positives that exist, mainly relating to Python code.

Is there a list of these somewhere? I'd love to investigate.