How to do Snyk code test in Jenkins pipeline?
I am helping our DevOps team integrate Snyk into the Jenkins pipelines for SAST. By default, it seems like this Snyk plugin is doing snyk test (which does open-source dependency scans) and appends the...

iamahecker
Votes: 0
Answers: 1
Is it possible for new vulns to appear when merging two branches?
I'm thinking about when the perfect moment to run a SAST review is, but I am not sure. For me the best moment is before merging my branch to master (on the pull request), because you can fix it before ...

fuentecilla86
Votes: 0
Answers: 0
Why is GitLab CI SAST not excluding directories that I ask it to exclude?
I have enabled SAST scanning in GitLab CI (GitLab Community Edition) 14.5.2. The SAST runs tools like semgrep and ESLint over the source code and scans for vulnerabilities. This works... except it'...
locka
Votes: 0
Answers: 2
Coverity issues for Filesystem path, filename, or URI manipulation in C#, .NET Core
We had a Coverity scan performed in our code and found the issue related to "Filesystem path, filename, or URI manipulation" which is a high impact security issue.
This is the code we had at...

ROY
Votes: 0
Answers: 0