We would like to request that all contributors please clone a *fresh copy* of this repository since the September 21st maintenance.
PR #867 GoSec and GoLang version bump
#826
Ensure Pattern Search and Semgrep include severity in SARIF files
#824 Added support to include SARIF CWE in Semgrep SARIF reports
https://github.com/coinbase/salus/pull/820 Fixed regression on reporting https://github.com/coinbase/salus/pull/819 Newer cargo audit and trufflehog https://github.com/coinbase/salus/pull/817 Bumping bundler to remove warning messages https://github.com/coinbase/salus/pull/816 Scanner version bumps
https://github.com/coinbase/salus/pull/799 - Support for multiple conditions for LanguageVersionScanner https://github.com/coinbase/salus/pull/801 - Fix CVE-2023-22796 https://github.com/coinbase/salus/pull/800 - Adding support for detected versions in SARIF
https://github.com/coinbase/salus/pull/786 Granular Thread Grouping. New scanning_group_completed event, retired reporting_scanners_ran event
https://github.com/coinbase/salus/pull/784: Content-Type for auto-fix report type https://github.com/coinbase/salus/pull/790: Support for gosec filter_errors. https://github.com/coinbase/salus/pull/791: Updating spec. https://github.com/coinbase/salus/pull/787: Support for custom registry for Yarn Auto Fix.