-
v3.9.4
Improve scan performance and reduce false positives for Bandit rules B610, B110, B112 (!183)
-
v3.9.3
SASTBot: Monthly dependency updates for 15.6 (!177)
-
v3.9.2
Revert: Upgrade base image to ubi9-minimal in FIPS variant of Dockerfile (!180)
-
v3.9.1
Refine latest bandit rules from sast-rules repository into Semgrep (!179)
-
v3.9.0
Upgrade base image to ubi9-minimal in FIPS variant of Dockerfile (!175)
-
v3.8.3
SASTBot: Monthly dependency updates for %15.6 (!162)
-
-
v3.8.1
Fix FP patterns in SQL Injection and Hardcoded Password in Java (!172)
-
v3.8.0
Populates the `cve` field of each vulnerability finding (!169)
-
v3.7.6
Upgrade gitlab.com/gitlab-org/security-products/analyzers/report to v3.15.5 (!168)
-
v3.7.5
Switch to use ubi8-minimal as the base FIPS image (!165)
-
v3.7.4
Include `scan.analyzer` in JSON report output (!159)
-
v3.7.3
Bump go-fips builder image to 1.18 (!161)
-
v3.7.2
Upgrade to the latest security-code-scan ruleset 1.0.67 (!156)
-
v3.7.1
Include missing security-code-scan identifiers (!152)
-
-
-
v3.6.0
Adding Csharp support and security-code-scan ruleset (!137)
-
v3.5.0
SASTBot: Monthly dependency updates for %15.3 (!140)
-
v3.4.0
- Upgrade the `command` package (!141)