Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: fix bandit workflow configuration (DEV-2536) #470

Merged
merged 1 commit into from
Aug 14, 2023
Merged

fix: fix bandit workflow configuration (DEV-2536) #470

merged 1 commit into from
Aug 14, 2023

Conversation

jnussbaum
Copy link
Collaborator

No description provided.

@jnussbaum jnussbaum self-assigned this Aug 14, 2023
@jnussbaum jnussbaum changed the title chore: fix bandit fix: upload sarif results of bandit workflow to "Security" tab (DEV-2536) Aug 14, 2023
@linear
Copy link

linear bot commented Aug 14, 2023
edited by jnussbaum
Loading

DEV-2536 fix bandit workflow configuration

Configuration of the bandit workflow must be improved:

  • The bandit workflow doesn't upload its results (sarif file), so they aren't visible in the "Security" tab of the dsp-tools repo.
  • There are too many false positives
  • The workflow uses an outdated version of the "checkout" action.

@jnussbaum jnussbaum changed the title fix: upload sarif results of bandit workflow to "Security" tab (DEV-2536) fix: fix bandit workflow configuration (DEV-2536) Aug 14, 2023
@jnussbaum jnussbaum merged commit 4fd6a10 into main Aug 14, 2023
5 of 6 checks passed
@jnussbaum jnussbaum deleted the wip/fix-bandit branch August 14, 2023 08:36
@daschbot daschbot mentioned this pull request Aug 14, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@jnussbaum jnussbaum

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jnussbaum