Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🐛 Yarn Audit: Add CI importer support #9478

Merged
merged 2 commits into from
Feb 6, 2024
+293 −78

Merge branch 'dev' into fix_yarnaudit_issue6495

aefc479
Select commit
Loading
Failed to load commit list.
Merged

🐛 Yarn Audit: Add CI importer support #9478

Merge branch 'dev' into fix_yarnaudit_issue6495
aefc479
Select commit
Loading
Failed to load commit list.
DryRunSecurity / Sensitive Files Analyzer succeeded Feb 6, 2024 in 0s

DryRun Security

Details

Potentially Sensitive Files: 2 detected

⚠️ Sensitive File dojo/tools/yarn_audit/parser.py (click for details)
Type Sensitive File
Description The file name contains the word 'yarn' which is a package manager used for JavaScript and Node.js applications. Changes to this file could potentially introduce new vulnerabilities or malicious code into the application.
Filename dojo/tools/yarn_audit/parser.py
Code Link

django-DefectDojo/dojo/tools/yarn_audit/parser.py

Line 1 in aefc479

import json
⚠️ Sensitive File unittests/tools/test_yarn_audit_parser.py (click for details)
Type Sensitive File
Description The file name contains the word 'test' which is a common naming convention for test files in Python. Additionally, the file is located in the 'unittests' directory, which is a common location for test files in Python projects.
Filename unittests/tools/test_yarn_audit_parser.py
Code Link

django-DefectDojo/unittests/tools/test_yarn_audit_parser.py

Line 1 in aefc479

from ..dojo_test_case import DojoTestCase
View more details on DryRunSecurity