Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update semgrep post-processor #95

Merged
merged 1 commit into from
Jan 17, 2024
Merged

Update semgrep post-processor #95

merged 1 commit into from
Jan 17, 2024

Conversation

becojo
Copy link
Contributor

@becojo becojo commented Jan 16, 2024

Changes:

  • SARIF results now have the severity of the reporting descriptor's default configuration.
  • Semgrep confidence metadata is mapped to Boost's confidence level

@becojo becojo requested a review from a team as a code owner January 16, 2024 19:22
@becojo becojo merged commit bb3c5b3 into main Jan 17, 2024
4 checks passed
@becojo becojo deleted the BST-8791 branch January 17, 2024 19:00
lindycoder pushed a commit to lindycoder/scanner-registry that referenced this pull request Jan 23, 2024
@fproulx-boostsecurity @stlef14 @ledo01
Promoting Dev to Prod (boost-community#92)
0e79601 
* Hackathon-DAST scanner (boost-community#92)

Signed-off-by: stlef14 <[email protected]>

* Updated trivy-image post-processor (boost-community#93)

This update is to handle missing Metadata.RepoTags from the trivy output 
(ref: boostsecurityio/boostsec-scanner-trivy#23)

* Hackathon-Update rulesdb for nuclei (boost-community#94)

Signed-off-by: stlef14 <[email protected]>

* Nuclei new module def (boost-community#95)

Signed-off-by: stlef14 <[email protected]>

* Make Elevated GitHub App rule a Severe Supply Chain finding (boost-community#87)

Signed-off-by: François Proulx <[email protected]>

---------

Signed-off-by: stlef14 <[email protected]>
Signed-off-by: François Proulx <[email protected]>
Co-authored-by: stlef14 <[email protected]>
Co-authored-by: Olivier Leduc <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SUSTAPLE117 SUSTAPLE117 SUSTAPLE117 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@becojo @SUSTAPLE117