Richard Seeton

Suppression of specific CVE based on CVSS value

2

Our implementation of DependencyCheck uses suppression files to 'quiet' issues which are considered not-applicable or low risk, based - in part - on the CVE's CVSS. However, the CVSS ratings...

codeql-action/init should explicitly delete an already present database (for self-hosted runners)

7

We are running CodeQL as an action on self-hosted runners and have enabled the 'over-write' option to clean the CodeQL database before each run. However, some environments fail with the...

Add configuration to use a private registry instead of docker.com when running as the yq action

3

When running the yq action in GitHub we encounter the following message: > Pull down action image 'mikefarah/yq:4-githubaction' > /usr/local/bin/docker pull mikefarah/yq:4-githubaction > Error response from daemon: toomanyrequests: You have...