Run octoscan as part of Flowzone workflows #1262
Conversation
|
Website deployed to CF Pages, 👀 preview link https://c5fe6b6d.flowzone.pages.dev |
klutchell
force-pushed
the
kyle/octoscan
branch
from
23dd5cd to
bddca3e
Compare
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
klutchell
force-pushed
the
kyle/octoscan
branch
from
bddca3e to
fa040b8
Compare
|
225 warnings... most of them seem actually quite unhelpful in that they are core functionality and there is no other way to implement the behaviour except to obfuscate it from the scanner.
|
klutchell
force-pushed
the
kyle/octoscan
branch
from
fa040b8 to
06298d7
Compare
klutchell
force-pushed
the
kyle/octoscan
branch
from
06298d7 to
ba45293
Compare
Change-type: minor Signed-off-by: Kyle Harding <[email protected]>
klutchell
force-pushed
the
kyle/octoscan
branch
from
ba45293 to
98c391f
Compare
Change-type: minor
See: https://balena.fibery.io/Work/Improvement/Run-octoscan-as-part-of-Flowzone-workflows-2384
See: https://balena.zulipchat.com/#narrow/channel/345885-aspect.2Fsecurity/topic/Penetration.20Testing.20of.20balenas.20CI.2FCD/near/482670470
I've opened a feature request for inline ignore directives: synacktiv/octoscan#16