Skip to content

Track security scans & updates #551

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Nov 3, 2022
Merged

Track security scans & updates #551

merged 9 commits into from
Nov 3, 2022

Conversation

@mocsharp
Copy link
Collaborator

@mocsharp mocsharp commented Nov 1, 2022
edited
Loading

Description

  • Updates grype ignore list (.grype.yaml)
  • Updates third-party packages & licenses

Status

Ready

Types of changes

  • Non-breaking change (fix or new feature that would not break existing functionality).
  • Breaking change (fix or new feature that would cause existing functionality to change).
  • New tests added to cover the changes.
  • All tests passed locally.
  • Documentation comments included/updated.
  • User guide updated.
  • I have updated the changelog

@mocsharp mocsharp self-assigned this Nov 1, 2022
@mocsharp
Update packages
96c4f81 
Signed-off-by: Victor Chang <[email protected]>
@mocsharp
Temporary enable security scans
0155bcb 
Signed-off-by: Victor Chang <[email protected]>
@mocsharp
Set container scans to continue-on-error
400a981 
Signed-off-by: Victor Chang <[email protected]>
@mocsharp
Update grype ignore list
04f8222 
Signed-off-by: Victor Chang <[email protected]>
@mocsharp
Update grype ignore list
0cd7d16 
Signed-off-by: Victor Chang <[email protected]>
@mocsharp
Update CVE-2015-5237 to closed
b48990e 
Signed-off-by: Victor Chang <[email protected]>
@mocsharp
Update packages & licenses
5c21244 
Signed-off-by: Victor Chang <[email protected]>
@mocsharp mocsharp requested a review from RemakingEden November 2, 2022 21:59
@mocsharp mocsharp added this to the 0.2.0 milestone Nov 2, 2022
@sonarqubecloud
Copy link

sonarqubecloud bot commented Nov 3, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@mocsharp mocsharp merged commit aa1888b into develop Nov 3, 2022
@mocsharp mocsharp deleted the vchang/security branch November 3, 2022 21:32
@github-actions
Copy link

github-actions bot commented Mar 9, 2023

🎉 This issue has been resolved in version 0.1.1 🎉

The release is available on:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@neildsouth neildsouth neildsouth approved these changes

@RemakingEden RemakingEden Awaiting requested review from RemakingEden

@jackschofield23 jackschofield23 Awaiting requested review from jackschofield23

Assignees

@mocsharp mocsharp

Labels

security

Projects

None yet

Milestone

0.1.1

Development

Successfully merging this pull request may close these issues.

3 participants

@mocsharp @neildsouth