That isn't going to find package level vulnerabilities. Completely different. Also, for code vulnerabilities, OWASP could catch a lot of those. But SonarCloud will find them much quicker and will point directly to the code that is a vulnerability. OWASP wouldn't do that. Just to a basic API Endpoint level. Also, SonarCloud and Mend can easily be put into the build pipeline to check during each build. Or on a schedule.
Alper, you may want to consider using MEND (formerly WhiteSource, www.mend.io) to show vulnerabilities reported in .NET and NPM packages; it also tells you what versions the vulnerabilities have been fixed in. The second one you may want to look into is Sonarcloud (sonarcloud.io) which is incredible for finding security vulnerabilities in the actual source code.
My work uses both for compliance reasons, and they work fantastically to keep the codebase as secure as possible before deploying to the server.
Awesome. Thank you very much. I appreciate the help.
Yes that is correct. We are using Blazor Server version.
How do I update those. I can't find the correct Package.json file
I am having the same issues. Any ideas?
Does anyone have any ideas?
Any updates on this?
The HandleErrorAsync(ex); is only in the BLazor component though. The issue I am having is getting the error from the server and actually getting all the way to the component. It is getting lost somewhere and not making it to the client to be handled by the HandleErrorAsync method.
I think you are completely misunderstanding me or something. I did use that version. I tried to remove the sections for the language settings and it errors as I explained previously. That is not a fix for this, unfortunately.
Any updates on this?