Chelsea Boling

icon indicating an email [email protected]

icon company @fossas @owasp icon location Used to be a wide-eyed optimist. Now a hardened, tempered-by-fire realist. Courtesy of Dr. @hohn. Former GitHubber; now at FOSSA

Results 6 issues of Chelsea Boling

Support for custom properties passed to the action

3 comment

Include a field to add custom properties to FOSSA analysis. Some users are dealing with custom builds which require custom properties to be passed to the invocation. @nielsdoucet provided a...

SARIF uploading best practices

CodeQL CLI 2.5.6+ isn’t compatible with Code Scanning on this GHES version Code Scanning doesn’t recognize the sarif-category field, so if you were to perform multi-language analysis, results would overwrite...

Securing input values

3 comment

Adding documentation to provide guidance on how to avoid injections using this action. Adding intermediate environment variables will help avoid this issue. The other approach is to refactor the `action.yml`,...

Support for custom fields

Some feedback that was given to us from an open source developer 😸 Based on the Jira python library being used, the actual customfields themselves are just an additional key/value...

Update README.md

Update permissions in README

Add paths/paths-ignore to CLI and Actions

1 comment

Delegate alerts based on paths specified to particular Jira backlogs. For instance, some engineering teams split Action workflows for a monorepo to speed up run time, whether those workflows are...