Skip to main content
22 questions
Newest Active Bountied Unanswered
1 vote
0 answers
44 views

enter image description here error while running the Advanced security scanning using codeql in my azure devops i installed self-hosted-agents name dev-pool and installed them in ubuntu machine(ec2) ...
karthi_s7's user avatar
  • 11
1 vote
1 answer
127 views

My goal is to run multiple CodeQL query packs and suites (like security-extended and audit) in one GitHub Action workflow, and ideally merge the results into one SARIF file for upload to GitHub Code ...
David Ng's user avatar
  • 19
0 votes
0 answers
84 views

We've recently enabled GitHub Advanced Security(GAS) in one of our repositories, and whenever we create pull requests, the Automatic Dependency Submission(ADS) tries to validate our project(mainly the ...
Mase's user avatar
  • 95
-1 votes
1 answer
190 views

I've been setting up Github Advanced Security for Azure Devops, to use with Git hosted in Azure Devops (not Github), which has been largely successful. For the secret scanning, the system has ...
Jason Robbins's user avatar
  • 83
1 vote
1 answer
416 views

I'm using Github Advanced Security in Azure devops in a monorepo. With the given folder structure: . └── apps/ ├── frontend/ │ ├── green-app │ └── red-app └── backend/ ├── ...
Enrico's user avatar
  • 3,674
1 vote
1 answer
196 views

We are using Azure Dev Ops pipelines and Github Advanced Security to scan our repositories for security risks. ESLint is flagging violations for two rules, @microsoft/sdl/no-html-method and @microsoft/...
Lincoln Lourens's user avatar
  • 11
0 votes
1 answer
869 views

I’m encountering an issue with the “Block secrets on push” feature in Azure DevOps (ADO). Despite having the checkbox checked under **Settings **> Advanced Security, I was able to push a secret to ...
Louis XIV's user avatar
  • 1
0 votes
0 answers
91 views

I'm new to SAST and started performing tests in a C# repository with GitHub Advanced Security to understand the working principle. I inserted hard-coded credentials into the code, which does not ...
Daniel 's user avatar
  • 19
0 votes
2 answers
469 views

We've a number of pipelines (one using yaml and one with the classic jobs) that have suddenly started failing today. Anyone seeing a similar error? ##[error] An exception occurred during execution. ...
Paul's user avatar
  • 1
3 votes
2 answers
437 views

Azure devops pipeline task: AdvancedSecurity-Dependency-Scanning@1 ran fine yesterday, but not today. throws error: System.InvalidOperationException: Sequence contains no matching element at System....
Tobias's user avatar
  • 725
2 votes
2 answers
661 views

With Github Advanced Security for Azure DevOps we have created a nightly build (yaml) which builds our projects and scans for vulnerabilities with the AdvancedSecurity-Dependency-Scanning@1 task. What ...
Jacco Dieleman's user avatar
  • 1,558
1 vote
3 answers
2k views

I want to run custom codeql queries for Advanced Security in Azure DevOps (this is a feature that is now available in Azure DevOps not only GitHub). The built in default queries like security-and-...
Patrik Lindström's user avatar
  • 1,157
1 vote
1 answer
475 views

Any idea if GitHub Advanced Security for Azure supports accessing the historical vulnerability reports by date/tag/etc? Currently I'm only able to filter by things like the branch, pipeline, status, ...
David's user avatar
  • 21
0 votes
2 answers
267 views

I am new to github advance security. I have create a Github repo and enabled Codeql scanning. And used queries: security-extended,security-and-quality in codeql.yml file. Still if I add a comment in ...
EnigmaticJohn's user avatar
  • 159
0 votes
0 answers
1k views

GitHub Advanced Security for Azure DevOps - Dependency Scanning and CodeQL for a C# application built using task: Docker@2 failing to find code but similar pipeline works for JS. I’ve got two ...
Paul's user avatar
  • 1

15 30 50 per page
1
2