[BST-13457] Removes prefix BoostSecurity for 3rd party scanners. #179

stlef14 · 2024-11-08T22:30:03Z

For 3rd party scanners, we're to remove the prefix BoostSecurity, recommended to avoid issues with the 3rd parties.

lindycoder

Seems some casing are not exactly what the product advertise, I don't know if we care, you can ignore if we dont.

but Ssemgrep has a typo

lindycoder · 2024-11-09T16:52:12Z

scanners/boostsecurityio/bundler-audit/module.yaml

@@ -2,7 +2,7 @@ api_version: 1.0


 id: boostsecurityio/bundler-audit
-name: BoostSecurity bundler-audit
+name: Bundler-audit


Are you sure the case should change, name seems to be in lower case
https://github.com/rubysec/bundler-audit

lindycoder · 2024-11-09T16:53:10Z

scanners/boostsecurityio/gosec/module.yaml

@@ -2,7 +2,7 @@ api_version: 1.0


 id: boostsecurityio/gosec
-name: BoostSecurity gosec
+name: Gosec


Here too it seems lower case
https://github.com/securego/gosec

lindycoder · 2024-11-09T16:54:10Z

scanners/boostsecurityio/npm-audit/module.yaml

@@ -2,7 +2,7 @@ api_version: 1.0


 id: boostsecurityio/npm-audit
-name: BoostSecurity npm-audit
+name: Npm-audit


Seems linke a tool from npm which is lower case, should it change?
https://docs.npmjs.com/cli/v9/commands/npm-audit

lindycoder · 2024-11-09T16:54:55Z

scanners/boostsecurityio/osv-scanner/module.yaml

@@ -2,7 +2,7 @@ api_version: 1.0


 id: boostsecurityio/osv-scanner
-name: BoostSecurity osv-scanner
+name: OSV Scanner


According to https://github.com/google/osv-scanner maybe it should be OSV-Scanner with a dash

lindycoder · 2024-11-09T16:56:18Z

scanners/boostsecurityio/semgrep/module.yaml

@@ -1,7 +1,7 @@
 api_version: 1.0

 id: boostsecurityio/semgrep
-name: BoostSecurity semgrep
+name: Ssemgrep


(IMPORTANT) There's an extra s here, Semgrep seems to be the right casing

[BST-13457] Removes prefix BoostSecurity for 3rd party scanners.

696f03a

lindycoder reviewed Nov 9, 2024

View reviewed changes

Provide feedback