CodeQL
CodeQL can be used to generate a SARIF report, that can be imported into Defect Dojo:
codeql database analyze db python-security-and-quality.qls --sarif-add-snippets --format=sarif-latest --output=security-extended.sarif
The same can be achieved by running the CodeQL GitHub action with the add-snippet
property set to true.
Last modified July 24, 2024: Merge pull request #10626 from DefectDojo/release/2.36.5 (c58a297)