Jiri Stary
Jiri Stary
I mean, why is the "security-severity": "9.8" not taken into account ?
hi aurelien, I dont have an idea, execpt for running the tool twice. In my scenario i run multiple scan tools with both human and machine output and then the...
Please update, there are also some other functions that are missing like TypeError: github.rest.repos.getCustomPropertiesValues is not a function
This issue can also be visible in sarif validator where start coumn and end column can be off by 1 https://sarifweb.azurewebsites.net/Validation 
Hi @Amndeep7 Sure, let me share the scan file. The reason why i did run it as snyk instead of jfrog was that it did not recognize it at complained...
@aaronlippold SARIF to HDF definitely, not sure about the other direction. When you import issues , ideally it should keep the same severity of the issues. Currently when importing from...
@aaronlippold What i do care about are indeed the labeled buckets and one other thing. The data consistency. I am ingesting data from couple different tools in SARIF format and...
Thanks, and i think it is awesome for all the tools that dont provide any numbers by default like checkov
Can you please update the docker file again ?
I would try if you are using a token with enough permissions that can pull the issues via the sonarqube api - maybe thats what returning empty list. I would...