docs: Security assessment 23.12 #168
Conversation
|
@pablosec you'll have to rebase, as we've already synced the security.md in the previous merge. |
|
@borisrizov-zf done @OSchlienz @SSIRKC any remarks on the security assessment before merging? |
|
@pablosec nothing to add from my side, thanks! |
|
Hi @pablosec, since this PR is closed there isnt much to add from my side then. I am happy to assist in case you need feedback outside of this PR. |
|
Re-opened for @borisrizov-zf to merge. Thanks! |
There was a problem hiding this comment.
We'll need a rebase as #176 fixed a dependency incompatibility.
|
@pablosec I've edited the description, adding a close for an issue related to this review. |
|
Kudos, SonarCloud Quality Gate passed!
|
@borisrizov-zf done. |
|
@OSchlienz please review, afterwards I'll merge this. |
|
🎉 This PR is included in version 0.2.0-develop.10 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 0.3.0-develop.1 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 0.3.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Description
PR to add security assessment for release 23.12 to the
/docsfolder. Future security assessments will be added to the same subfolder.The findings were added as issues and are linked from the report.
If there were any high- or maximum-risk findings, they would be submitted as security advisories (not the case in this assessment).
Please feel free to add comments for anything unclear or mis-understood or for any other remarks.
Thanks for participating in the re-assessment of MIW!
See also: eclipse-tractusx/sig-release#103
Closes #173
Pre-review checks
Please ensure to do as many of the following checks as possible, before asking for committer review: