Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CI: Add back static analysis and checking Python dependencies for CVEs #4034

Merged
merged 1 commit into from
Jan 15, 2019

Conversation

redshiftzero
Copy link
Contributor

Status

Ready for review

Description of Changes

Fixes #4033

Changes proposed in this pull request:

  • Returns static analysis and checking for CVEs in Python dependencies to CI (now in a separate Circle job)

Testing

CI job static-analysis-and-no-known-cves should run and be green 💚

Deployment

CI only

Checklist

If you made non-trivial code changes:

  • I have written a test plan and validated it for this PR

Copy link
Contributor

@kushaldas kushaldas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is good. 👍

Copy link
Contributor

@emkll emkll left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great catch, thanks for fixing @redshiftzero.
Since this regression occurred as part of a large change, I'm not sure if adding code ownership to the file would guard against similar regressions in the future. We thankfully had GitHub notifications, which alerted repo maintainers via email when a library was out of date.

@emkll emkll merged commit e693f1f into develop Jan 15, 2019
@emkll emkll deleted the ci-security-checks branch January 15, 2019 15:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants