by westurner
1749 days ago
> For comparison, what percentage of human-generated code is secure?

Yeah how did they measure? Did static and dynamic analysis find design bugs too?

Maybe - as part of a Copilot-assisted DevSecOps workflow involving static and dynamic analysis run by GitHub Actions CI - create Issues with CWE "Common Weakness Enumeration" URLs from e.g. the CWE Top 25 in order to train the team, and Pull Requests to fix each issue?: https://cwe.mitre.org/top25/

Which bots send PRs?