CodeQL
CodeQL can be used to generate a SARIF report, that can be imported into Defect Dojo:
codeql database analyze db python-security-and-quality.qls --sarif-add-snippets --format=sarif-latest --output=security-extended.sarif
The same can be achieved by running the CodeQL GitHub action with the add-snippet
property set to true.
Last modified April 2, 2024: Merge pull request #9867 from DefectDojo/release/2.33.0 (ca4250f)