Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add "Security" check: project has published a CVE #30

Open
caniszczyk opened this issue Feb 9, 2022 · 1 comment
Open

Add "Security" check: project has published a CVE #30

caniszczyk opened this issue Feb 9, 2022 · 1 comment
Labels
area/core new check on hold

Comments

@caniszczyk
Copy link

We should check that a project has published a CVE

https://github.com/containerd/containerd/security/advisories

It shouldn't have a ton of weight but it's a good practice for projects to do so
@tegioz
Copy link
Contributor

tegioz commented Mar 1, 2022

It looks like the Github GraphQL API doesn't allow yet to query security advisories by repository (Rest API doesn't expose this information). Will keep an eye on it though.

@tegioz tegioz added the on hold label Mar 1, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/core new check on hold
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@caniszczyk @tegioz