CodeQL
CodeQL can be used to generate a SARIF report, that can be imported into Defect Dojo:
codeql database analyze db python-security-and-quality.qls --sarif-add-snippets --format=sarif-latest --output=security-extended.sarif
The same can be achieved by running the CodeQL GitHub action with the add-snippet
property set to true.
Last modified October 21, 2024: Merge pull request #11110 from DefectDojo/release/2.39.2 (5c7de81)