The security scanning jobs should only fail jobs if the PR adds a security issue #2751

Open
skitt opened this issue Oct 13, 2023 · 3 comments
Labels: bug, priority:low

skitt commented Oct 13, 2023

What happened:

Currently, security scanning jobs fail a PR if any of the project’s dependencies are identified as containing a known vulnerability. This prevents us merging PRs when a vulnerability is found, until the project updates to address that.

What you expected to happen:

PRs should only be blocked if they introduce a security vulnerability, i.e. add a dependency with a known vulnerability.
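One way to implement the gating requested above, as an added example (not the project's CI code): compare the scan of the base branch with the scan of the PR head and fail only on findings absent from the base. The finding format, package names and `EXAMPLE-…` advisory IDs are constructed for illustration and do not come from any particular scanner.

```python
import sys

# Constructed sample scan results in a hypothetical format: one record per
# (dependency, advisory) pair reported by a dependency scanner.
BASE_SCAN = [
    {"package": "example.com/libfoo", "version": "1.2.0", "id": "EXAMPLE-0001"},
    {"package": "example.com/libbar", "version": "0.9.0", "id": "EXAMPLE-0002"},
]
HEAD_SCAN = [
    # Version bump that is still affected by the same advisory: pre-existing.
    {"package": "example.com/libfoo", "version": "1.2.1", "id": "EXAMPLE-0001"},
    # The same bump also brings in an advisory the base did not have: new.
    {"package": "example.com/libfoo", "version": "1.2.1", "id": "EXAMPLE-0004"},
    {"package": "example.com/libbar", "version": "0.9.0", "id": "EXAMPLE-0002"},
    # Dependency added by the PR that carries a known advisory: new.
    {"package": "example.com/libbaz", "version": "3.0.0", "id": "EXAMPLE-0003"},
]


def finding_key(finding):
    """Identify a finding by package and advisory, ignoring the version so a
    bump that stays vulnerable to the same advisory is not counted as new."""
    return (finding["package"], finding["id"])


def introduced_findings(base, head):
    """Return head findings whose (package, advisory) pair is not in base."""
    known = {finding_key(f) for f in base}
    seen = set()
    new = []
    for finding in head:
        key = finding_key(finding)
        if key in known or key in seen:
            continue  # already present on the base branch, or a duplicate
        seen.add(key)
        new.append(finding)
    return sorted(new, key=finding_key)


def gate(base, head):
    """Return (exit_code, new_findings); non-zero only if the PR adds findings."""
    new = introduced_findings(base, head)
    return (1 if new else 0), new


if __name__ == "__main__":
    code, new = gate(BASE_SCAN, HEAD_SCAN)
    for f in new:
        print(f"introduced by PR: {f['package']}@{f['version']} {f['id']}")
    sys.exit(code)
```

Findings already present on the base branch still need to be reported somewhere (for example a scheduled scan of the default branch) so they are tracked without blocking unrelated PRs.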

@skitt skitt added the bug Something isn't working label Oct 13, 2023
@dfarrell07 dfarrell07 self-assigned this Oct 24, 2023
@maayanf24 maayanf24 moved this to Todo in Submariner 0.18 Feb 19, 2024
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the stale label Feb 22, 2024
@skitt skitt removed the stale label Feb 22, 2024
@github-actions github-actions bot added the stale label Jun 22, 2024
@dfarrell07 dfarrell07 removed the stale label Jun 25, 2024
@maayanf24 maayanf24 added this to Backlog Jul 2, 2024
@maayanf24 maayanf24 moved this to Backlog in Backlog Jul 2, 2024
@github-actions github-actions bot added the stale label Oct 24, 2024
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Oct 31, 2024
@tpantelis tpantelis removed the stale label Oct 31, 2024
@tpantelis tpantelis reopened this Oct 31, 2024