Avishay Balter
**Is your feature request related to a problem? Please describe.** To improve security of Presidio and to avoid potential supply chain attacks, the project should apply at least one dynamic...
**Is your feature request related to a problem? Please describe.** To reduce the risk of supply chain attacks, Presidio should pin all dependencies strongly. The following dependencies are not pinned...
**Is your feature request related to a problem? Please describe.** Dependabot and Renovatebot configurations are not detected in the source location, making it hard to verify. **Describe the solution you'd...
**Is your feature request related to a problem? Please describe.** Memory safety comes up quite frequently these days in regards to developing secure and safe software. Yet there are hardly...
The current version of the C/C++ hardening guide is incredibly helpful in supporting GCC and Clang. Opening this issue to track the work that our team with @michaelcfanning and @GabrielDosReis...
When uploading an image to storage, the plug-in creates a DB record in wp_postmeta named "windows_azure_storage_info" for each image. The value of this record contains a hard-coded URL reference to the blob...
#### What kind of change does this PR introduce? Add support for checking [Nuget](https://www.nuget.org/) repeatable builds through the Pinned-Dependency checks. This supports nuget cli, dotnet cli and msbuild through an...
#### What kind of change does this PR introduce? Support nuget [central package management](https://learn.microsoft.com/en-us/nuget/consume-packages/Central-Package-Management) in detecting pinned dependencies - [x] PR title follows the guidelines defined in our [pull request...
**Describe the bug** Pinned dependencies checks for the nuget/.Net ecosystem check for commands of the form "dotnet restore"/"nuget restore" only to validate whether the lockfile or central-package-management is used. However, nuget...
**Is your feature request related to a problem? Please describe.** Pinned dependency checks only check shell scripts and GitHub workflows and misses out on many open source repositories that implement...