Requirement: Static source code analysis daily or per commit #985
Labels
Comments
|
Coverity is supposed to be updated at least daily. However, it currently says that the last build was a month ago. I am still unclear as to how we submit build requests, cc @nodejs/build. |
node-daily-coverity runs the scanning tool daily and submits the results to Coverity. The uploads are being rejected: nodejs/build#3343 |
|
I think the requirement is met, we just need to get coverity going again. |
UlisesGascon
added a commit
to UlisesGascon/security-wg
that referenced
this issue
May 17, 2023
As discussed in nodejs#985
|
Thanks for the additional information. I updated the PR in ac1e6c7 👍 |
RafaelGSS
added a commit
that referenced
this issue
Jun 8, 2023
* feat: copied passing criterial Questions and Answers * fix: updated link See: https://github.com/nodejs/security-wg/pull/954/files#r1179648034 * docs: static source code analysis is a met criteria As discussed in #985 * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Tobias Nießen <tniessen@tnie.de> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com> * Update tools/ossf_best_practices/passing_criteria.md --------- Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> Co-authored-by: Tobias Nießen <tniessen@tnie.de> Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com>
patrickm68
added a commit
to patrickm68/security-wg-process
that referenced
this issue
Sep 14, 2023
* feat: copied passing criterial Questions and Answers * fix: updated link See: https://github.com/nodejs/security-wg/pull/954/files#r1179648034 * docs: static source code analysis is a met criteria As discussed in nodejs/security-wg#985 * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Tobias Nießen <tniessen@tnie.de> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com> * Update tools/ossf_best_practices/passing_criteria.md --------- Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> Co-authored-by: Tobias Nießen <tniessen@tnie.de> Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com>
mattstern31
added a commit
to mattstern31/security-wg-process
that referenced
this issue
Nov 11, 2023
* feat: copied passing criterial Questions and Answers * fix: updated link See: https://github.com/nodejs/security-wg/pull/954/files#r1179648034 * docs: static source code analysis is a met criteria As discussed in nodejs/security-wg#985 * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Tobias Nießen <tniessen@tnie.de> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com> * Update tools/ossf_best_practices/passing_criteria.md --------- Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> Co-authored-by: Tobias Nießen <tniessen@tnie.de> Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Original discussion: https://github.com/nodejs/security-wg/pull/954/files#r1167970826 @mhdawson @tniessen
Currently this requirement is UNMET
The text was updated successfully, but these errors were encountered: