Skip to content

ci/docs: add vulnerability scanning workflow & security policy#3106

Merged
georglauterbach merged 5 commits intomasterfrom
security/add-gh-actions-workflow
Feb 23, 2023
Merged

ci/docs: add vulnerability scanning workflow & security policy#3106
georglauterbach merged 5 commits intomasterfrom
security/add-gh-actions-workflow

Conversation

@georglauterbach
Copy link
Copy Markdown
Member

@georglauterbach georglauterbach commented Feb 22, 2023

Description

Title says it all, commits descriptions have proper comments :)

Type of change

  • New feature (non-breaking change which adds functionality)

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation (README.md or the documentation under docs/)
  • If necessary I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes

@georglauterbach
add generic worklfow for vulnerability scanning
469ef65
@georglauterbach
Merge remote-tracking branch 'origin/master' into security/add-gh-act…
58231de 
…ions-workflow
@georglauterbach
update vulnerability scan action & integrate it
9c5a20f 
The new scan is now integrated into the weekly build. It should not fail
the build, only report vulnerabilities.
@georglauterbach
add short security policy
c5706a8 
This is a brief policy describing how we handle vulnerabilities and how
people should report them.
@georglauterbach georglauterbach added area/ci kind/new feature A new feature is requested in this issue or implemeted with this PR area/security labels Feb 22, 2023
@georglauterbach georglauterbach added this to the v12.0.0 milestone Feb 22, 2023
@georglauterbach georglauterbach self-assigned this Feb 22, 2023
polarathene
polarathene requested changes Feb 23, 2023
View reviewed changes
Comment thread .github/workflows/generic_vulnerability-scan.yml
polarathene
polarathene approved these changes Feb 23, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@polarathene polarathene left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for taking the time to sort this out 😀

@georglauterbach georglauterbach merged commit 4e82d4d into master Feb 23, 2023
@georglauterbach georglauterbach deleted the security/add-gh-actions-workflow branch February 23, 2023 07:53
@polarathene polarathene mentioned this pull request Mar 3, 2023
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@polarathene polarathene polarathene approved these changes

Assignees

@georglauterbach georglauterbach

Labels

area/ci area/security kind/new feature A new feature is requested in this issue or implemeted with this PR

Projects

None yet

Milestone

v12.0.0

Development

Successfully merging this pull request may close these issues.

2 participants

@georglauterbach @polarathene