Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider running the Infra: CVE checks with every commit as well #707

Open
2 tasks done
yeikel opened this issue Dec 12, 2024 · 0 comments
Open
2 tasks done

Consider running the Infra: CVE checks with every commit as well #707

yeikel opened this issue Dec 12, 2024 · 0 comments
Labels
scope/infra CI, CD, dev. env, etc. status/triage/completed Automatic triage completed status/triage/manual Manual triage in progress type/feature A brand new feature

Comments

@yeikel
Copy link
Contributor

yeikel commented Dec 12, 2024

Issue submitter TODO list

  • I've searched for an already existing issues here
  • I'm running a supported version of the application which is listed here and the feature is not present there

Is your proposal related to a problem?

Currently, the "Infra: CVE checks" check is configured to run twice per month, and while that is great, it does not raise the constant awareness that CVE should raise.

For example, the latest run failed but it is only known if we navigate to the specific build check while main is considered to be healthy

Describe the feature you're interested in

We should extend the cve_checks.yml workflow to also run on pull requests and merges to main. It should continue to be a separate check

  • Pull requests: Because we should not be introducing new dependencies with CVEs
  • On Main : To raise awareness and serve as a continuous reminder that actions may be needed

Describe alternatives you've considered

Use the existing schedule and remember to check manually

Version you're running

318bcc9

Additional context

No response
@yeikel yeikel added status/triage Issues pending maintainers triage type/feature A brand new feature labels Dec 12, 2024
@kapybro kapybro bot added status/triage/manual Manual triage in progress scope/infra CI, CD, dev. env, etc. status/triage/completed Automatic triage completed and removed status/triage Issues pending maintainers triage labels Dec 12, 2024
@yeikel yeikel changed the title Consider running the "Infra: CVE checks" with every commit as well Consider running the Infra: CVE checks with every commit as well Dec 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
scope/infra CI, CD, dev. env, etc. status/triage/completed Automatic triage completed status/triage/manual Manual triage in progress type/feature A brand new feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@yeikel