Update undici CPE in vulnerability checking script #44128

Merged
merged 1 commit into from
Aug 6, 2022

facutuesca
Contributor

This changes the search method for undici on the NVD database.

Before, since undici did not have a CPE assigned, the search was by keyword.
Now that a CPE was assigned, it is used to query for new vulnerabilities.
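
The difference between the two search methods, as an added example that is not part of this PR or of the Node.js checking script: a keyword search matches free-text descriptions, while a CPE search matches the structured list of affected products. The records, the `EXAMPLE-` ids and the `UNDICI_CPE` string are constructed for illustration, and the matcher is a simplified subset of CPE name matching.

```python
import re

# Constructed records (not real NVD data): id, description, affected CPE names.
RECORDS = [
    {"id": "EXAMPLE-0001",
     "description": "undici allows CRLF injection via request headers.",
     "cpes": ["cpe:2.3:a:nodejs:undici:5.8.0:*:*:*:*:node.js:*:*"]},
    {"id": "EXAMPLE-0002",
     "description": "ExampleProxy, which bundles undici, mishandles redirects.",
     "cpes": ["cpe:2.3:a:examplevendor:exampleproxy:1.0:*:*:*:*:*:*:*"]},
    {"id": "EXAMPLE-0003",
     "description": "The Node.js fetch client leaks cookies on redirect.",
     "cpes": ["cpe:2.3:a:nodejs:undici:5.7.1:*:*:*:*:node.js:*:*"]},
]

# Assumed CPE for the dependency; the PR page does not show the actual string.
UNDICI_CPE = "cpe:2.3:a:nodejs:undici:*:*:*:*:*:*:*:*"


def parse_cpe(name):
    """Split a CPE 2.3 formatted string into its 11 attribute values."""
    parts = re.split(r"(?<!\\):", name)  # a backslash-escaped colon is data
    if len(parts) != 13 or parts[:2] != ["cpe", "2.3"]:
        raise ValueError(f"not a CPE 2.3 formatted string: {name!r}")
    return parts[2:]


def cpe_matches(query, candidate):
    """Simplified match: every query attribute is '*' (ANY) or equal."""
    return all(q == "*" or q.lower() == c.lower()
               for q, c in zip(parse_cpe(query), parse_cpe(candidate)))


def search_by_keyword(records, keyword):
    """Ids of records whose description mentions the keyword."""
    return [r["id"] for r in records
            if keyword.lower() in r["description"].lower()]


def search_by_cpe(records, cpe):
    """Ids of records listing an affected product that matches the CPE."""
    return [r["id"] for r in records
            if any(cpe_matches(cpe, c) for c in r["cpes"])]


if __name__ == "__main__":
    print("keyword:", search_by_keyword(RECORDS, "undici"))
    print("cpe:    ", search_by_cpe(RECORDS, UNDICI_CPE))
```

The keyword search reports `EXAMPLE-0002` (another product that only mentions undici) and misses `EXAMPLE-0003` (an undici entry whose description never names it); the CPE search gets both cases right.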

@RafaelGSS
Member

cc: @nodejs/security-wg

Member

@RafaelGSS RafaelGSS left a comment


LGTM.

Member

@mhdawson mhdawson left a comment


LGTM

@mhdawson added the fast-track label (PRs that do not need to wait for 48 hours to land.) Aug 4, 2022
@github-actions
Contributor

github-actions bot commented Aug 4, 2022

Fast-track has been requested by @mhdawson. Please 👍 to approve.

@richardlau added the commit-queue label (Add this label to land a pull request using GitHub Actions.) Aug 6, 2022
@nodejs-github-bot removed the commit-queue label Aug 6, 2022
@nodejs-github-bot nodejs-github-bot merged commit 994081f into nodejs:main Aug 6, 2022
@nodejs-github-bot
Collaborator

Landed in 994081f

@facutuesca facutuesca deleted the dep-checker-undici branch August 10, 2022 06:17
danielleadams pushed a commit that referenced this pull request Aug 16, 2022
This changes the search method for `undici` on the NVD database.
Before, since `undici` did not have a CPE assigned, the search
was by keyword. Now that a CPE was assigned, it is used to query
for new vulnerabilities.

PR-URL: #44128
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
ruyadorno pushed a commit that referenced this pull request Aug 23, 2022
targos pushed a commit that referenced this pull request Sep 5, 2022
Fyko pushed a commit to Fyko/node that referenced this pull request Sep 15, 2022
juanarbol pushed a commit that referenced this pull request Oct 10, 2022
@juanarbol juanarbol mentioned this pull request Oct 11, 2022
juanarbol pushed a commit that referenced this pull request Oct 11, 2022
guangwong pushed a commit to noslate-project/node that referenced this pull request Jan 3, 2023
Labels
fast-track PRs that do not need to wait for 48 hours to land. tools Issues and PRs related to the tools directory.