Skip to content
This repository has been archived by the owner on Nov 9, 2023. It is now read-only.

Security Policy violation Binary Artifacts #94

Closed
google-allstar-prod bot opened this issue Dec 15, 2022 · 6 comments
Closed

Security Policy violation Binary Artifacts #94

google-allstar-prod bot opened this issue Dec 15, 2022 · 6 comments
Assignees
@hjonnala
Labels
allstar

Comments

@google-allstar-prod
Copy link

This issue was automatically created by Allstar.

Security Policy Violation
Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • posenet_lib/aarch64/posenet_decoder.so
  • posenet_lib/armv7a/posenet_decoder.so
  • posenet_lib/x86_64/posenet_decoder.so

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

Allstar has been installed on all Google managed GitHub orgs. Policies are gradually being rolled out and enforced by the GOSST and OSPO teams. Learn more at http://go/allstar

This issue will auto resolve when the policy is in compliance.

Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.
@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • posenet_lib/aarch64/posenet_decoder.so
  • posenet_lib/armv7a/posenet_decoder.so
  • posenet_lib/x86_64/posenet_decoder.so

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

3 similar comments
@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • posenet_lib/aarch64/posenet_decoder.so
  • posenet_lib/armv7a/posenet_decoder.so
  • posenet_lib/x86_64/posenet_decoder.so

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • posenet_lib/aarch64/posenet_decoder.so
  • posenet_lib/armv7a/posenet_decoder.so
  • posenet_lib/x86_64/posenet_decoder.so

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.

Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

Artifacts Found

  • posenet_lib/aarch64/posenet_decoder.so
  • posenet_lib/armv7a/posenet_decoder.so
  • posenet_lib/x86_64/posenet_decoder.so

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@hjonnala
Copy link

Disbaled the allstar for this repo.

@google-coral-bot
Copy link

Are you satisfied with the resolution of your issue?
Yes
No

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@hjonnala hjonnala

Labels
allstar
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hjonnala