added some additional color on creating web hooks for slack to help the next guy. Also adjusted two typos#770
Closed
nobletrout wants to merge 44 commits intosecureCodeBox:mainfrom
nobletrout:main
Closed
added some additional color on creating web hooks for slack to help the next guy. Also adjusted two typos#770nobletrout wants to merge 44 commits intosecureCodeBox:mainfrom nobletrout:main
nobletrout wants to merge 44 commits intosecureCodeBox:mainfrom
nobletrout:main
Conversation
next guy. Also adjusted two typos
next guy. Also adjusted two typos Signed-off-by: nobletrout <nobletrout@gmail.com>
…to main Signed-off-by: nobletrout <nobletrout@gmail.com>
rfelber
previously approved these changes
Oct 24, 2021
Member
rfelber
left a comment
rfelber
left a comment
There was a problem hiding this comment.
Hi @nobletrout,
thx a lot for your PR and improvement here regarding the project docs 🤙 Great work!
Do you mind to add yourself to our CONTRIBUTORS File to agree with our project licence apache 2.0 and ensure all of your commits are signed off? Thanks in advance 🤗
Signed-off-by: nobletrout <nobletrout@gmail.com>
next guy. Also adjusted two typos Signed-off-by: nobletrout <nobletrout@gmail.com>
Snyk has created this PR to upgrade axios from 0.21.4 to 0.22.0. See this package in npm: https://www.npmjs.com/package/axios See this project in Snyk: https://app.snyk.io/org/securecodebox/project/a3a488cf-f344-4e37-ad19-e0bbfb755bc3?utm_source=github&utm_medium=referral&page=upgrade-pr
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: GitHub Actions <securecodebox@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: GitHub Actions <securecodebox@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
The old version of the integration test framework did not have support for the new initContainer syntax introduced in ADR-0009. This commit adds this support, which is necessary for the semgrep integration tests Signed-off-by: Max Maass <max.maass@iteratec.com>
These tests require network access to download test files, as I do not know of a good way to provision the test files for them. Alternatives are appreciated. Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
We do not want to save the matched lines into the s3 bucket without encryption, as the lines may include sensitive information. Signed-off-by: Max Maass <max.maass@iteratec.com>
The semgrep scanner will not ship with default cascadingRules, so we provide documentation on how to write your own instead. Signed-off-by: Max Maass <max.maass@iteratec.com>
We do not want to retrieve files from the Internet for the integration tests, so the test now uses a local file in the repo. Signed-off-by: Max Maass <max.maass@iteratec.com>
DefectDojo supports semgrep, so this commit adds support for the semgrep results to the DD hook. It works fine on individual scans, but I still want to do some more testing before merging this. Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: GitHub Actions <securecodebox@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: GitHub Actions <securecodebox@iteratec.com>
Signed-off-by: Max Maass <max.maass@iteratec.com>
Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
Signed-off-by: Robert Seedorff <Robert.Seedorff@iteratec.com>
Signed-off-by: GitHub Actions <securecodebox@iteratec.com>
Signed-off-by: secureCodeBoxBot <securecodebox@iteratec.com>
Signed-off-by: nobletrout <nobletrout@gmail.com>
Member
|
I think this PR was superceeded with #781, which has now been merged, so I'll close this one. Let me know if I got something wrong. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Checklist
npm testruns for the whole project.