Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Run vulnerability scan on latest release version #355

Merged
merged 1 commit into from
Oct 14, 2024
Merged

Run vulnerability scan on latest release version #355

merged 1 commit into from
Oct 14, 2024

Conversation

bestbeforetoday
Copy link
Member

Previously the scan ran on the current state of the codebase. This fails to identify vulnerabilities in dependencies for the latest release version if those dependencies have already been updated in the development codebase. The gating factor for whether a new release is required should be whether the previous release contains vulnerabilities.

This change runs the scheduled vulnerability scan on the latest release tag. It also adds vulnerability scanning to pull request builds. This is purely informational. A scan failure does not fail the pull request build.

@bestbeforetoday bestbeforetoday force-pushed the scan-release branch 3 times, most recently from 9612f6d to d804a02 Compare October 14, 2024 09:00
@bestbeforetoday
Run vulnerability scan on latest release version
6f1ae8f 
Previously the scan ran on the current state of the codebase. This fails
to identify vulnerabilities in dependencies for the latest release
version if those dependencies have already been updated in the
development codebase. The gating factor for whether a new release is
required should be whether the previous release contains
vulnerabilities.

This change runs the scheduled vulnerability scan on the latest release
tag. It also adds vulnerability scanning to pull request builds. This is
purely informational. A scan failure does not fail the pull request
build.

Signed-off-by: Mark S. Lewis <Mark.S.Lewis@outlook.com>
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Oct 14, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@bestbeforetoday bestbeforetoday marked this pull request as ready for review October 14, 2024 09:18
@bestbeforetoday bestbeforetoday requested a review from a team as a code owner October 14, 2024 09:18
@bestbeforetoday bestbeforetoday enabled auto-merge (squash) October 14, 2024 09:18
@bestbeforetoday bestbeforetoday assigned denyeart and unassigned denyeart Oct 14, 2024
@bestbeforetoday bestbeforetoday merged commit 33f3ba8 into hyperledger:main Oct 14, 2024
9 checks passed
@bestbeforetoday bestbeforetoday deleted the scan-release branch October 14, 2024 14:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@denyeart denyeart denyeart approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bestbeforetoday @denyeart