Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Run vulnerability scan on latest release version #355

Merged
merged 1 commit into from
Oct 14, 2024

Commits on Oct 14, 2024

  1. Run vulnerability scan on latest release version

    Previously the scan ran on the current state of the codebase. This fails
    to identify vulnerabilities in dependencies for the latest release
    version if those dependencies have already been updated in the
    development codebase. The gating factor for whether a new release is
    required should be whether the previous release contains
    vulnerabilities.
    
    This change runs the scheduled vulnerability scan on the latest release
    tag. It also adds vulnerability scanning to pull request builds. This is
    purely informational. A scan failure does not fail the pull request
    build.
    
    Signed-off-by: Mark S. Lewis <Mark.S.Lewis@outlook.com>
    bestbeforetoday committed Oct 14, 2024
    Configuration menu
    Copy the full SHA
    6f1ae8f View commit details
    Browse the repository at this point in the history