Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: ignore centos CVE-2020-22218 and CVE-2023-3341 #369

Merged
merged 3 commits into from
Oct 16, 2023
Merged

ci: ignore centos CVE-2020-22218 and CVE-2023-3341 #369

merged 3 commits into from
Oct 16, 2023

Conversation

sozercan
Copy link
Member

@sozercan sozercan commented Oct 12, 2023
edited

Describe the changes in this pull request using active verbs such as Add, Remove, Replace ...

Ignore CVE-2020-22218 as it is not in centos repos yet, this is blocking CI
https://pkgs.org/download/libssh2

aquasecurity/trivy#4847

Closes #<issue_ID>

@sozercan sozercan changed the title ignore centos CVE-2020-22218 ci: ignore centos CVE-2020-22218 Oct 12, 2023
@codecov
Copy link

codecov bot commented Oct 12, 2023
edited

Codecov Report

All modified lines are covered by tests ✅

Comparison is base (ed77375) 32.29% compared to head (7b4e69c) 32.29%.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #369   +/-   ##
=======================================
  Coverage   32.29%   32.29%           
=======================================
  Files          17       17           
  Lines        1567     1567           
=======================================
  Hits          506      506           
  Misses       1032     1032           
  Partials       29       29

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@sozercan
ignore centos CVE-2020-22218
1fd7c32 
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
@salaxander
Copy link
Contributor

@sozercan we should merge this with the failing CI correct? It should fix it for subsequent PRs?

@sozercan
Copy link
Member Author

@salaxander no, this PR should be green. it is not working properly

@sozercan
Copy link
Member Author

rego was missing ignore. previously ignored package got eventually published to centos repos, that's why it was not failing before.

@sozercan
fix rego
866163b 
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
@sozercan
another cve
7b4e69c 
Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
@sozercan sozercan changed the title ci: ignore centos CVE-2020-22218 ci: ignore centos CVE-2020-22218 and CVE-2023-3341 Oct 16, 2023
@sozercan
Copy link
Member Author

--- PASS: TestPatch/Valid_rpm_DB,_yum_present#01 (68.59s) is passing but CI is still failing for a different issue.

@sozercan sozercan merged commit ff4fb01 into project-copacetic:main Oct 16, 2023
11 of 15 checks passed
@sozercan sozercan deleted the ignore-CVE-2020-22218 branch October 16, 2023 19:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@salaxander salaxander salaxander approved these changes

@jeremyrickard jeremyrickard Awaiting requested review from jeremyrickard jeremyrickard is a code owner

Assignees
No one assigned
Labels
None yet
Projects
Copacetic Workboard
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@sozercan @salaxander