François Proulx
**What happened**: I am scanning against a Python repo using Poetry (`poetry.lock`). Using `cyclonedx-json` output (also tried other output including `json`) and I do not get the dependency graph. **What...
It would be nice to support CycloneDX to be a more direct turnkey alternative to `trivy` or `snyk`.
When using the SARIF output, the failOnError option (used for instance with the Maven plugin) shall be respected so that the Invocation object `executionSuccesful` flag is set to `true`, even...
You currently support Debian and Alpine. More and more people are looking at switching to Wolfi (Chainguard). Last month `trivy` added support for Wolfi https://github.com/aquasecurity/trivy/pull/3215
### Checklist

- [X] I agree to the terms within the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).

### Describe the problem you'd like to have solved

Similar to how AWS, GCP, Azure...
Intriguing
I find this `scripts/test/github-event-object-is-snapshot.sh` intriguing https://github.com/nikitastupin/pwnhub/commit/e098ccfbe889e2c5f0ae9169be58c55430d7a65b#diff-da7ba472d28c68dd7a9924155379ecfdedb107998ea36323e6adbb61fb192061 Not quite sure what to make of it
It would be awesome to support keyless attestation very easily as part of this GitHub Action.
# Description of the LOTP tool

`mdformat` is a markdown formatting tool that can be configured with a config file.

# Configuration files

```
.mdformat.toml
```

# Documentation

https://mdformat.readthedocs.io/en/stable/users/configuration_file.html

# Real-world...
# Description of the LOTP tool

`danger` is a mega-linter / CI automation DSL tool that has tons of plugins that can be configured with a config file and basically code.

#...
# Description of the LOTP tool

`gcloud` is a Google Cloud management tool which has a lot of plugins and dozens (if not hundreds) of commands.

# Configuration files

`gcloud builds...