https://github.com/marketplace/actions/sonarscan-dotnet
Is it a trend that cloud services have fewer features than their on-premise counterparts? Today I am struggling with the #Azure container registry cache, which does not support pulling new tags automatically, which makes it unusable for #Renovate. #Bitbucket cloud does not have the feature to delete PRs. Same was when #SonarQube became #SonarCloud - so many useful features were suddenly missing.
What's your favorite tool or method of securing 3rd party packages against vulnerabilities, "supply chain attacks", and malicious packages in a #dotnet, #javascript and #Docker / #Kubernetes setting?
Is it #Snyk, #FOSSA, #SonarQube / #SonarCloud, or something else entirely?
Boosts and recommendations highly appreciated. 🙏
Blogged: Using SonarCloud with ASP.NET Core, Angular and github actions
https://damienbod.com/2024/05/13/using-sonarcloud-with-asp-net-core-angular-and-github-actions/
#aspnetcore #dotnet #angular #sonar #sonarcloud #sast #devops #github
"🔥 pfSense Security Alert: Critical Vulnerabilities Uncovered by SonarCloud 🛡️"
SonarCloud's vigilant scanning reveals two critical vulnerabilities in pfSense, a widely used open-source firewall: XSS (CVE-2023-42325) and Command Injection (CVE-2023-42326). These vulnerabilities, if exploited, could allow attackers to execute arbitrary commands on pfSense appliances, highlighting the importance of continuous security vigilance even within trusted network perimeters. Thanks to swift action by Netgate, patches are now available. A reminder to always keep your systems updated!
📚 Source: Oskar Zeino-Mahmalat's article on SonarSource Blog
Tags: #pfSense #Cybersecurity #Vulnerabilities #XSS #CommandInjection #Netgate #SonarCloud #SecurityPatch 🚨🔒💻
Hello fellow .NET developers,
We have just released five new rules targeting Blazor components, to help you code confidently using this new UI technology from Microsoft. They cover things such as:
- Mismatched parameter types and route constraints
- Bad usage of query-string parameters
- Unsupported query-string parameter types
- Bad usage of JSinterop
You can use them in SonarCloud today, and very soon in the upcoming SonarCloud 10.4. Feel free to leave any questions or feedback in the comments. D...
I am very happy to announce that #sonarcloud and #sonarqube now support the upcoming #dotnet8 & #csharp12 a full week before their release!
Find out more on https://community.sonarsource.com/t/net-8-and-c-12-support/103931
Hi .NETers,
In advance of the upcoming .NET release, we are very happy to announce that we have added support for C#12 & .NET 8. We now find issues in the new syntax in C#12 such as primary constructors, collection expressions, inline arrays, optional parameters in lambdas, ref readonly parameters and type aliases. The current release focuses on the rules contained in the “Sonar way” profile, improvements to non-Sonar way rules will follow. This release is available today on SonarCloud and wil...
ugh, trying for days now to find out why my phpunit tests do not provide coverage for #sonarcloud
Slowly getting the feeling I managed to create a special case of phpunit config, which makes matching the code for the coverage not working in special circumstances.
but running it locally with identical versions does work 🙄
#php