CodeQL
CodeQL can be used to generate a SARIF report, that can be imported into Defect Dojo:
codeql database analyze db python-security-and-quality.qls --sarif-add-snippets --format=sarif-latest --output=security-extended.sarif
The same can be achieved by running the CodeQL GitHub action with the add-snippet property set to true.
Last modified January 16, 2023: Doc: Split doc to files + unittest for missing unittest and doc (#7418) (392bf7099)