Supply chain security, as code.
Open-source CLI for tracking SCA vulnerability findings in your repository.
#DevSecOps #AppSec #SupplyChainSecurity #OpenSource
Web: https://vulnlog.dev
Documentation: https://vulnlog.dev/docs/
GitHub: https://github.com/vulnlog/vulnlog

This command was used to generate the above Cargo Audit suppression file:

`vulnlog suppress vulnlog.yaml --reporter cargo-audit`

Vulnlog 0.14.0 has been released. Highlights:

- Vulnlog now supports the Cargo Audit native suppression file format.
- Install Vulnlog with a simple install script.

https://vulnlog.dev/

#infosec #appsec #opensource

Vulnlog helps developer teams handle SCA vulnerability findings: document what's actually affected, plan fixes for upcoming releases, and share clear reports with peers and customers. Open source, all from YAML in your repo.
🔗 vulnlog.dev

Vulnlog 0.13.0 is out: open-source vulnerability tracking in YAML, right in your repo.

What's new:
- `copy` command: propagate vulnerability entries between Vulnlog files, useful when maintaining multiple Vulnlog files
- Richer HTML reports: generation time, Vulnlog version, source filenames, applied filters and more
- New "dismissed" state: distinguishes entries closed without a fix from resolved ones
- `report` command can now write to STDOUT for CI pipelines
- New `vulnlogCopy` Gradle task

https://vulnlog.dev