Vulnerability Management #1706

Closed
wants to merge 174 commits into from
Changes from 2 commits
174 commits
713e090
Create SECURITY.md
joseguzman1337 Dec 13, 2020
4fbd7d9
Create codeql-analysis.yml
joseguzman1337 Dec 13, 2020
76768c4
Create ossar-analysis.yml
joseguzman1337 Dec 13, 2020
c3773cf
Create veracode-analysis.yml
joseguzman1337 Dec 13, 2020
618e027
Add .whitesource configuration file
mend-bolt-for-github[bot] Dec 30, 2021
a33455c
Merge branch 'mandiant:master' into master
joseguzman1337 Aug 11, 2023
313f595
Merge pull request #9 from 4k4xs4pH1r3/whitesource/configure
joseguzman1337 Aug 11, 2023
4b67c19
Merge branch 'master' into master
joseguzman1337 Aug 11, 2023
4fe6746
build(deps-dev): bump types-pyyaml from 6.0.8 to 6.0.12.11
dependabot[bot] Aug 14, 2023
6cdc242
build(deps-dev): bump types-protobuf from 4.23.0.3 to 4.24.0.1
dependabot[bot] Aug 14, 2023
f76e9d5
Merge branch 'master' into master
joseguzman1337 Aug 15, 2023
87abf14
Merge branch 'master' into master
joseguzman1337 Aug 22, 2023
b1111bf
Merge branch 'master' into master
joseguzman1337 Aug 29, 2023
1931b98
build(deps-dev): bump isort from 5.11.4 to 5.12.0
dependabot[bot] Aug 29, 2023
ead98af
Merge pull request #26 from 4k4xs4pH1r3/dependabot/pip/isort-5.12.0
joseguzman1337 Aug 29, 2023
777b201
Merge pull request #29 from 4k4xs4pH1r3/dependabot/pip/types-pyyaml-6…
joseguzman1337 Aug 29, 2023
0b15177
Merge pull request #30 from 4k4xs4pH1r3/dependabot/pip/types-protobuf…
joseguzman1337 Aug 29, 2023
32645b0
build(deps-dev): bump types-colorama from 0.4.15.11 to 0.4.15.12
dependabot[bot] Aug 29, 2023
4f12b9e
build(deps-dev): bump pyinstaller from 5.10.1 to 5.13.1
dependabot[bot] Aug 29, 2023
a7dfd46
Merge pull request #31 from 4k4xs4pH1r3/dependabot/pip/types-colorama…
joseguzman1337 Aug 29, 2023
3099023
Merge pull request #32 from 4k4xs4pH1r3/dependabot/pip/pyinstaller-5.…
joseguzman1337 Aug 29, 2023
585f17c
.
joseguzman1337 Aug 29, 2023
a139a65
Add .whitesource configuration file
mend-bolt-for-github[bot] Aug 29, 2023
bb29217
Merge pull request #33 from 4k4xs4pH1r3/whitesource/configure
joseguzman1337 Aug 29, 2023
f6deca6
.
joseguzman1337 Aug 29, 2023
4f49597
Add .whitesource configuration file
mend-bolt-for-github[bot] Aug 29, 2023
763c7f1
papeloto replaced by vimtor
joseguzman1337 Aug 29, 2023
dfbe7e7
.
joseguzman1337 Aug 29, 2023
71c578e
Merge pull request #34 from 4k4xs4pH1r3/whitesource/configure
joseguzman1337 Aug 29, 2023
d0d42fd
upgrade .github/workflows/veracode-analysis.yml.
joseguzman1337 Aug 29, 2023
c28b05c
upgrade .github/workflows/veracode-analysis.yml
joseguzman1337 Aug 29, 2023
29b44a7
Merge branch 'master' into master
joseguzman1337 Aug 31, 2023
0ebc019
Merge branch 'master' into master
joseguzman1337 Sep 13, 2023
91c0425
Merge branch 'master' into master
joseguzman1337 Sep 25, 2023
3e9aa87
codeql-analysis: restrict to python only
williballenthin Sep 27, 2023
f1858ba
Merge branch 'master' into master
williballenthin Sep 27, 2023
f26758c
Merge branch 'master' into master
joseguzman1337 Sep 30, 2023
c72070c
build(deps-dev): bump types-psutil from 5.8.23 to 5.9.5.17
dependabot[bot] Oct 16, 2023
3cd0de1
Merge branch 'master' into master
joseguzman1337 Oct 16, 2023
6c1fb3b
Merge branch 'master' into master
joseguzman1337 Oct 18, 2023
d2d9417
build(deps-dev): bump types-termcolor from 1.1.4 to 1.1.6.2
dependabot[bot] Oct 23, 2023
02aa32a
Merge branch 'master' into master
joseguzman1337 Nov 30, 2023
a4e99ac
build(deps-dev): bump pydantic from 2.1.1 to 2.5.2
dependabot[bot] Nov 30, 2023
0a51d6d
build(deps-dev): bump protobuf from 4.23.4 to 4.25.1
dependabot[bot] Nov 30, 2023
20f9992
Merge branch 'master' into master
joseguzman1337 Jan 26, 2024
06230f4
Merge branch 'master' into master
joseguzman1337 Jan 31, 2024
6a30a0e
Merge branch 'master' into dependabot/pip/types-psutil-5.9.5.17
joseguzman1337 Jan 31, 2024
5c76bd2
Merge pull request #50 from 4k4xs4pH1r3/dependabot/pip/types-psutil-5…
joseguzman1337 Jan 31, 2024
f10b31e
Merge branch 'master' into dependabot/pip/types-termcolor-1.1.6.2
joseguzman1337 Jan 31, 2024
da27622
Merge pull request #51 from 4k4xs4pH1r3/dependabot/pip/types-termcolo…
joseguzman1337 Jan 31, 2024
14ae0de
Merge pull request #53 from 4k4xs4pH1r3/dependabot/pip/protobuf-4.25.1
joseguzman1337 Jan 31, 2024
04f5de8
Merge branch 'master' into dependabot/pip/pydantic-2.5.2
joseguzman1337 Jan 31, 2024
eebcced
Merge pull request #55 from 4k4xs4pH1r3/dependabot/pip/pydantic-2.5.2
joseguzman1337 Jan 31, 2024
34a0eab
Create codeql.yml
joseguzman1337 Jan 31, 2024
f1a7860
build(deps-dev): bump pre-commit from 3.5.0 to 3.6.0
dependabot[bot] Jan 31, 2024
b3e1624
build(deps-dev): bump isort from 5.12.0 to 5.13.2
dependabot[bot] Jan 31, 2024
72adb34
build(deps-dev): bump types-colorama from 0.4.15.12 to 0.4.15.20240106
dependabot[bot] Jan 31, 2024
b99038e
build(deps-dev): bump psutil from 5.9.2 to 5.9.8
dependabot[bot] Jan 31, 2024
46f649a
Merge pull request #57 from 4k4xs4pH1r3/dependabot/pip/pre-commit-3.6.0
joseguzman1337 Jan 31, 2024
b567127
Merge branch 'master' into dependabot/pip/isort-5.13.2
joseguzman1337 Jan 31, 2024
45b0e4a
Merge pull request #58 from 4k4xs4pH1r3/dependabot/pip/isort-5.13.2
joseguzman1337 Jan 31, 2024
90acb34
Merge branch 'master' into dependabot/pip/types-colorama-0.4.15.20240106
joseguzman1337 Jan 31, 2024
42ff23c
Merge pull request #59 from 4k4xs4pH1r3/dependabot/pip/types-colorama…
joseguzman1337 Jan 31, 2024
791b0df
Merge branch 'master' into dependabot/pip/psutil-5.9.8
joseguzman1337 Jan 31, 2024
c8f4623
Merge pull request #60 from 4k4xs4pH1r3/dependabot/pip/psutil-5.9.8
joseguzman1337 Jan 31, 2024
db022be
build(deps-dev): bump types-pyyaml from 6.0.12.11 to 6.0.12.12
dependabot[bot] Jan 31, 2024
d832678
Merge pull request #61 from 4k4xs4pH1r3/dependabot/pip/types-pyyaml-6…
joseguzman1337 Jan 31, 2024
bd03e20
build(deps-dev): bump types-psutil from 5.9.5.17 to 5.9.5.20240106
dependabot[bot] Jan 31, 2024
8ee1715
build(deps-dev): bump ruff from 0.1.14 to 0.1.15
dependabot[bot] Jan 31, 2024
e981a51
build(deps-dev): bump protobuf from 4.25.1 to 4.25.2
dependabot[bot] Jan 31, 2024
bda04f2
build(deps-dev): bump networkx from 3.1 to 3.2.1
dependabot[bot] Jan 31, 2024
bdac516
build(deps-dev): bump pydantic from 2.5.2 to 2.6.0
dependabot[bot] Jan 31, 2024
59e22da
Merge pull request #62 from 4k4xs4pH1r3/dependabot/pip/types-psutil-5…
joseguzman1337 Jan 31, 2024
ef0b327
Merge branch 'master' into dependabot/pip/ruff-0.1.15
joseguzman1337 Jan 31, 2024
a51c1e9
Merge pull request #63 from 4k4xs4pH1r3/dependabot/pip/ruff-0.1.15
joseguzman1337 Jan 31, 2024
b7e50a5
Merge branch 'master' into dependabot/pip/protobuf-4.25.2
joseguzman1337 Jan 31, 2024
76ce0ab
Merge pull request #64 from 4k4xs4pH1r3/dependabot/pip/protobuf-4.25.2
joseguzman1337 Jan 31, 2024
1bda85e
Merge branch 'master' into dependabot/pip/networkx-3.2.1
joseguzman1337 Jan 31, 2024
c8b64fd
Merge pull request #65 from 4k4xs4pH1r3/dependabot/pip/networkx-3.2.1
joseguzman1337 Jan 31, 2024
31b28c1
Merge branch 'master' into dependabot/pip/pydantic-2.6.0
joseguzman1337 Jan 31, 2024
5aa200d
Merge pull request #66 from 4k4xs4pH1r3/dependabot/pip/pydantic-2.6.0
joseguzman1337 Jan 31, 2024
8527581
Update README.md
joseguzman1337 Jan 31, 2024
487bea3
[StepSecurity] Apply security best practices
step-security-bot Jan 31, 2024
4489b6e
Merge pull request #68 from step-security-bot/stepsecurity_remediatio…
joseguzman1337 Jan 31, 2024
7f85805
build(deps): bump actions/checkout from 2.7.0 to 4.1.1
dependabot[bot] Jan 31, 2024
f66180d
build(deps): bump svenstaro/upload-release-action from 2.4.0 to 2.7.0
dependabot[bot] Jan 31, 2024
32348a0
build(deps): bump ad-m/github-push-action
dependabot[bot] Jan 31, 2024
9937bd0
build(deps): bump actions/dependency-review-action from 2.5.1 to 4.0.0
dependabot[bot] Jan 31, 2024
df2b134
build(deps): bump actions/setup-java from 3.11.0 to 4.0.0
dependabot[bot] Jan 31, 2024
8f1f0db
build(deps-dev): bump types-tabulate from 0.9.0.3 to 0.9.0.20240106
dependabot[bot] Jan 31, 2024
8a5847e
build(deps-dev): bump types-protobuf from 4.24.0.1 to 4.24.0.20240129
dependabot[bot] Jan 31, 2024
701dd3c
Merge pull request #69 from 4k4xs4pH1r3/dependabot/github_actions/act…
joseguzman1337 Jan 31, 2024
08b52b1
Merge branch 'master' into dependabot/github_actions/svenstaro/upload…
joseguzman1337 Jan 31, 2024
425cfe2
Merge pull request #70 from 4k4xs4pH1r3/dependabot/github_actions/sve…
joseguzman1337 Jan 31, 2024
4bc8bc9
Merge branch 'master' into dependabot/github_actions/ad-m/github-push…
joseguzman1337 Jan 31, 2024
0179c5f
Merge pull request #71 from 4k4xs4pH1r3/dependabot/github_actions/ad-…
joseguzman1337 Jan 31, 2024
6f0ac68
Merge branch 'master' into dependabot/github_actions/actions/dependen…
joseguzman1337 Jan 31, 2024
7ca05f7
Merge pull request #72 from 4k4xs4pH1r3/dependabot/github_actions/act…
joseguzman1337 Jan 31, 2024
5a4bc21
Merge branch 'master' into dependabot/github_actions/actions/setup-ja…
joseguzman1337 Jan 31, 2024
f7ff5ae
Merge pull request #73 from 4k4xs4pH1r3/dependabot/github_actions/act…
joseguzman1337 Jan 31, 2024
ac976e6
Merge branch 'master' into dependabot/pip/types-tabulate-0.9.0.20240106
joseguzman1337 Jan 31, 2024
94568fe
Merge pull request #74 from 4k4xs4pH1r3/dependabot/pip/types-tabulate…
joseguzman1337 Jan 31, 2024
02ef7ad
Merge branch 'master' into dependabot/pip/types-protobuf-4.24.0.20240129
joseguzman1337 Jan 31, 2024
515db1b
Merge pull request #75 from 4k4xs4pH1r3/dependabot/pip/types-protobuf…
joseguzman1337 Jan 31, 2024
63382c2
Create codacy.yml
joseguzman1337 Jan 31, 2024
8a6cc62
Create snyk-security.yml
joseguzman1337 Jan 31, 2024
144afbf
Create sysdig-scan.yml
joseguzman1337 Jan 31, 2024
bf657f9
Create apisec-scan.yml
joseguzman1337 Jan 31, 2024
f33f896
Create bandit.yml
joseguzman1337 Jan 31, 2024
825f0c3
Create checkmarx-one.yml
joseguzman1337 Jan 31, 2024
a566612
Create checkmarx.yml
joseguzman1337 Jan 31, 2024
6c5ae71
Create crda.yml
joseguzman1337 Jan 31, 2024
fcc7a7c
Create devskim.yml
joseguzman1337 Jan 31, 2024
9302121
Create defender-for-devops.yml
joseguzman1337 Jan 31, 2024
44e2b3b
Create endorlabs.yml
joseguzman1337 Jan 31, 2024
7724cb6
Create ethicalcheck.yml
joseguzman1337 Jan 31, 2024
b49cf28
Create frogbot-scan-and-fix.yml
joseguzman1337 Jan 31, 2024
0cd0dd1
Create frogbot-scan-pr.yml
joseguzman1337 Jan 31, 2024
559e6a1
Create mayhem-for-api.yml
joseguzman1337 Jan 31, 2024
eca8150
Create fortify.yml
joseguzman1337 Jan 31, 2024
0e1b76c
Create ossar.yml
joseguzman1337 Jan 31, 2024
6cdf4e8
Create pyre.yml
joseguzman1337 Jan 31, 2024
61134c2
Create pysa.yml
joseguzman1337 Jan 31, 2024
c78b54a
Create semgrep.yml
joseguzman1337 Jan 31, 2024
2ce5c1d
Create stackhawk.yml
joseguzman1337 Jan 31, 2024
cc7c2e9
Create synopsys-action.yml
joseguzman1337 Jan 31, 2024
2eea8d6
Create synopsys-io.yml
joseguzman1337 Jan 31, 2024
5982a2b
Create veracode.yml
joseguzman1337 Jan 31, 2024
b55f014
Create anchore-syft.yml
joseguzman1337 Jan 31, 2024
0f650a7
Create anchore.yml
joseguzman1337 Jan 31, 2024
2a0a5be
Create hadolint.yml
joseguzman1337 Jan 31, 2024
573537e
Create snyk-container.yml
joseguzman1337 Jan 31, 2024
830a89a
Create trivy.yml
joseguzman1337 Jan 31, 2024
c81c2db
Create bearer.yml
joseguzman1337 Jan 31, 2024
6e46160
Create brakeman.yml
joseguzman1337 Jan 31, 2024
0f4ff31
Create clj-holmes.yml
joseguzman1337 Jan 31, 2024
44e9b11
Create codescan.yml
joseguzman1337 Jan 31, 2024
e6d61ec
Create clj-watson.yml
joseguzman1337 Jan 31, 2024
af30ea8
Create cloudrail.yml
joseguzman1337 Jan 31, 2024
98d123d
Create contrast-scan.yml
joseguzman1337 Jan 31, 2024
993df1d
Create credo.yml
joseguzman1337 Jan 31, 2024
f7fd3a0
Create crunch42.yml
joseguzman1337 Jan 31, 2024
b4560b2
Create datree.yml
joseguzman1337 Jan 31, 2024
1530500
Create detekt.yml
joseguzman1337 Jan 31, 2024
d1bc393
Create eslint.yml
joseguzman1337 Jan 31, 2024
ee7c411
Create flawfinder.yml
joseguzman1337 Jan 31, 2024
97ab8dd
Create jscrambler-code-integrity.yml
joseguzman1337 Jan 31, 2024
c92e9a6
Create kubesec.yml
joseguzman1337 Jan 31, 2024
34b1efd
Create lintr.yml
joseguzman1337 Jan 31, 2024
c750914
Create mobsf.yml
joseguzman1337 Jan 31, 2024
4a0f245
Create msvc.yml
joseguzman1337 Jan 31, 2024
fdee965
Create njsscan.yml
joseguzman1337 Jan 31, 2024
901bc45
Create nowsecure-mobile-sbom.yml
joseguzman1337 Jan 31, 2024
b483a8c
Create nowsecure.yml
joseguzman1337 Jan 31, 2024
7907f8f
Create phpmd.yml
joseguzman1337 Jan 31, 2024
3755803
Create pmd.yml
joseguzman1337 Jan 31, 2024
151e96b
Create powershell.yml
joseguzman1337 Jan 31, 2024
8648a3f
Create prisma.yml
joseguzman1337 Jan 31, 2024
715621d
Create psalm.yml
joseguzman1337 Jan 31, 2024
2d141f0
Create puppet-lint.yml
joseguzman1337 Jan 31, 2024
5eac9ca
Create rubocop.yml
joseguzman1337 Jan 31, 2024
9aab629
Create rust-clippy.yml
joseguzman1337 Jan 31, 2024
25bcaa3
Create securitycodescan.yml
joseguzman1337 Jan 31, 2024
a372e47
Create snyk-infrastructure.yml
joseguzman1337 Jan 31, 2024
35ed57d
Create sobelow.yml
joseguzman1337 Jan 31, 2024
1786b69
Create sonarcloud.yml
joseguzman1337 Jan 31, 2024
0c1bd00
Create sonarqube.yml
joseguzman1337 Jan 31, 2024
b778df0
Create soos-dast-scan.yml
joseguzman1337 Jan 31, 2024
36fa405
Create tfsec.yml
joseguzman1337 Jan 31, 2024
9e37fe8
Create xanitizer.yml
joseguzman1337 Jan 31, 2024
9b15eff
Create zscaler-iac-scan.yml
joseguzman1337 Jan 31, 2024
135b3d0
Create zscan.yml
joseguzman1337 Jan 31, 2024
10a97e4
Create cleanthat.yaml
joseguzman1337 Jan 31, 2024
edd55da
Update dependabot.yml
joseguzman1337 Jan 31, 2024
2 changes: 1 addition & 1 deletion pyproject.toml
Expand Up @@ -79,7 +79,7 @@ dev = [
"flake8-copyright==0.2.4",
"ruff==0.0.286",
"black==23.7.0",
"isort==5.11.4",
"isort==5.12.0",
"mypy==1.5.1",
"psutil==5.9.2",
"stix2==3.0.1",
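Review bot: the `isort==5.12.0` pin in the `dev` list is already superseded inside this pull request, since commit b3e1624 bumps isort again from 5.12.0 to 5.13.2, so this 2-commit view does not show the version that would land. The unchanged context has the same problem: `"ruff==0.0.286"` appears here, while commit 8ee1715 describes a bump from 0.1.14 to 0.1.15. Review the final state of the `dev` pins in `pyproject.toml` across all 174 commits rather than this intermediate hunk. Consider also moving the dependency bumps into their own pull request, separate from the scanner workflow additions, so each pin change can be checked on its own.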