-
Pin passthrough to main branch 3 of 12 checklist items completed
- Merged
- 6
- 1
- Approved
updated -
Non-fork - Use updated pattern from avoid-pyyaml-load in B506 5 of 12 checklist items completed
- Merged
- 12
- Approved
updated -
Bump report to v3.22.1 3 of 12 checklist items completed
-
Always produce integration-test artifacts 3 of 12 checklist items completed
- Merged
- 2
- Approved
updated -
- Merged
- 4
- Approved
updated -
Append the `--verbose` flag to Semgrep when SECURE_LOG_LEVEL=debug 5 of 12 checklist items completed
- Merged
- 3
- Approved
updated -
Populate the cve field in each vulnerability 4 of 12 checklist items completed
- Merged
- 10
- Approved
updated -
Remove unused packages from FIPS image 3 of 12 checklist items completed
-
Bump go-fips builder image to 1.18 4 of 12 checklist items completed
- Merged
- 3
- Approved
updated -
Draft: Pin report to hash for testing 0 of 12 checklist items completed
-
Bump the SCS ruleset to 1.0.67 3 of 12 checklist items completed
- Merged
- 9
- Approved
updated -
Format SCS rule IDs correctly 5 of 12 checklist items completed
- Merged
- 18
- Approved
updated -
Document sast-rules as the source of truth 2 of 12 checklist items completed
- Merged
- 9
- Approved
updated -
Add C# to the list of supported extensions 4 of 12 checklist items completed
- Merged
- 30
- Approved
updated -
Use SAST_EXPERIMENTAL_FEATURES to remove high-FP rules 5 of 12 checklist items completed
- Merged
- 37
- Approved
updated -
Draft: FIPS testing 0 of 12 checklist items completed
-
Draft: Remove eslint object injection rule 3 of 12 checklist items completed
-
Upgrade core deps, remove no-op commands from Dockerfile, fix custom cert issues 3 of 12 checklist items completed
- Merged
- 15
- Approved
updated -
-
Fix exclusion patterns being matched against the absolute path of $CI_PROJECT_DIR 3 of 11 checklist items completed
- Merged
- 10
- Approved
updated