You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Feb 15, 2024. It is now read-only.
As we try to enforce GitOps as paradigm to bring continuous quality, security and legal compliance on across all our repositories, also reporting and notifications should align.
As soon as finos/metadata-tool#60 is merged, the (FINOS internal) Metadata Tool nightly run will also report all repositories having issues labeled with security vulnerability and quality checks, allowing to have reporting abilities across security and quality aspects of our hosted code.
Given the introduction of LFX (specifically, Insights and Vulnerability Detection) in our infrastructure, we are going to rely on those collaboration tools.
Related to #31
Acceptance criteria:
Tasks:
Dependencies:
This story depends on the following ones:
Implementation
As we try to enforce GitOps as paradigm to bring continuous quality, security and legal compliance on across all our repositories, also reporting and notifications should align.
For example, in order to report on security, it is already possible to get the raw data from https://api.github.com/search/issues?q=org:finos%20label:%22security%20vulnerability%22
Using JQ, it is possible to export the data in any format.
The text was updated successfully, but these errors were encountered: