Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(security): vulnerabilities found in corda-4-8-all-in-one Fixes #2064 #2437

Closed
wants to merge 3 commits into from
Closed

fix(security): vulnerabilities found in corda-4-8-all-in-one Fixes #2064 #2437

wants to merge 3 commits into from

Conversation

adrianbatuto
Copy link
Contributor

No description provided.

@adrianbatuto adrianbatuto changed the title Added azure-container-scan.yaml file fix(security): vulnerabilities found in corda-4-8-all-in-one Fixes #2064 May 24, 2023
@adrianbatuto adrianbatuto marked this pull request as ready for review May 25, 2023 05:44
@adrianbatuto adrianbatuto reopened this May 25, 2023
@adrianbatuto adrianbatuto reopened this May 25, 2023
@adrianbatuto adrianbatuto marked this pull request as draft May 25, 2023 05:57
petermetz
petermetz requested changes Jun 14, 2023
View reviewed changes
Copy link
Contributor

@petermetz petermetz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@adrianbatuto Thank you! Please do the following and then pass it back for re-review:

  1. Confirm that the new image is functioning well via locally executed manual testing:
    1.1. build the image locally,
    1.2. modify one of the test cases to use said local image
    1.3. run the test case against the locally built image
    1.4. post here the steps you took to do all the above, the exact path to the test case and the complete logs the test case produced while using the image
  2. Explain how did you verify that the vulnerabilities are fixed by the change you just made (e.g. did you re-run the scan locally and it showed the warnings missing or something?)
  3. Remove the azure-container-scan.yaml file from the diff, we can add the container scanning in another PR (I think there was another task+PR for it already too)

@jagpreetsinghsasan
Copy link
Contributor

@adrianbatuto any updates on this?

@adrianbatuto
Copy link
Contributor Author

@adrianbatuto any updates on this?

Hi @jagpreetsinghsasan , currently looking into this and following Peter's instructions.

@adrianbatuto adrianbatuto force-pushed the vulnerability-scan branch 3 times, most recently from 0d89609 to 6b0aaed Compare August 15, 2023 05:57
@petermetz
Copy link
Contributor

Closing this for now, let's re-open it once it's ready to be reviewed.

@petermetz petermetz closed this Sep 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@petermetz petermetz petermetz requested changes

@takeutak takeutak Awaiting requested review from takeutak

@izuru0 izuru0 Awaiting requested review from izuru0 izuru0 is a code owner

@jagpreetsinghsasan jagpreetsinghsasan Awaiting requested review from jagpreetsinghsasan jagpreetsinghsasan is a code owner

@VRamakrishna VRamakrishna Awaiting requested review from VRamakrishna VRamakrishna is a code owner

@sandeepnRES sandeepnRES Awaiting requested review from sandeepnRES sandeepnRES is a code owner

@outSH outSH Awaiting requested review from outSH outSH will be requested when the pull request is marked ready for review outSH is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@adrianbatuto @jagpreetsinghsasan @petermetz