-
Notifications
You must be signed in to change notification settings - Fork 21
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Run contextual analysis and secret detection in Docker scans #10
Conversation
cc73f9d
to
d9644c8
Compare
d9644c8
to
5c4a016
Compare
5c4a016
to
a66c4c1
Compare
|
87bde6b
to
9a72b94
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think that the JAS content can be moved to its own package at the root project just like scangraph
now that it is used not only at audit
Also make sure that when printing the result for the scan in 'table' format we are not printing tables for Iac
and SAST
, it will confuse the users that will think we support that.
In addition make sure that in other formats the results are visiable.
98f5ad6
to
817cc0b
Compare
Merged in changes from #27 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Make sure documentation is updated.
Update branch to dev
9090dd7
to
8f45d20
Compare
8f45d20
to
cfe6df1
Compare
cfe6df1
to
dd4ac1d
Compare
dev
branch.go vet ./...
.go fmt ./...
.Ready to merge
Related issue #4
Depends on: jfrog/jfrog-cli-core#1146
Description:
This PR adds support for Jfrog Advanced Security (JAS) to the jfrog cli.
The following existing command will now also check if you are entitled for jas, and will use the new improved scanner to scan docker containers too.
Also note that you can use this to get the full SARIF with line numbers and more information:
The following options are also supported:
Demo of feature: