Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setup SNYK scan on Upstream repos #43

Open
vaibhavjainwiz opened this issue Jul 31, 2023 · 1 comment
Open

Setup SNYK scan on Upstream repos #43

vaibhavjainwiz opened this issue Jul 31, 2023 · 1 comment
Labels
kind/security Indicates that this is a security issue that should be addressed

Comments

@vaibhavjainwiz
Copy link
Collaborator

vaibhavjainwiz commented Jul 31, 2023
edited

Currently SNYK is configured to scan red-hat-data-services org repos but move the security vulnerability fix from upstream to downstream would take long time. So it would be great if we could create new organisation within SNYK, which scan upstream repos so that developer could quickly check the results of their fixes.

following below link to follow this thread :
https://redhat-internal.slack.com/archives/C03UA0RLSQM/p1690524608072849
@vaibhavjainwiz vaibhavjainwiz self-assigned this Jul 31, 2023
@vaibhavjainwiz
Copy link
Collaborator Author

On 3rd August we had a discussion with Prod Sec regarding enabling SNYK scan on Upstream repo.
They had suggested to use snyk cli to scan upstream repo. I had created below Github issue to do POC on it.
#53

@heyselbi heyselbi added the kind/security Indicates that this is a security issue that should be addressed label Aug 22, 2023
@vaibhavjainwiz vaibhavjainwiz removed their assignment Aug 22, 2023
Jooho pushed a commit to Jooho/kserve that referenced this issue Jan 11, 2024
@VedantMahabaleshwarkar
Merge pull request opendatahub-io#43 from Xaenalt/main
441fb22 
Update makefile to remove DTYPE_STR as it's no longer needed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/security Indicates that this is a security issue that should be addressed
Projects
Internal tracking
Status: No status
ODH Feature Tracking
Status: No status
ODH Model Serving Planning
Status: To-do/Groomed
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vaibhavjainwiz @heyselbi