-
Notifications
You must be signed in to change notification settings - Fork 75
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
handle IQ policy Warning. #190
Conversation
Makefile
Outdated
@@ -43,8 +43,14 @@ test: build | |||
$(GOTEST) -v ./... 2>&1 | |||
|
|||
integration-test: build | |||
# temporary workaround, remove next line when x/net false positive is fixed | |||
echo 'CVE-2018-17142\nCVE-2018-17846\nCVE-2018-17143\nCVE-2018-17847\nCVE-2018-17848' > packages/testdata/.nancy-ignore |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would add a CVN-111 until=2021-01-01
type thing to this, so they are only ever ignored for like a week or two. We really don't want to have these ignored forever if they become applicable.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Likely want to only ignore the CVEs until a specific date, asked for a change related to that
* handle IQ policy Warning. * workaround x/net false positive
* handle IQ policy Warning. * workaround x/net false positive
Print a message with a hint about policy Warnings from IQ.
Discovered while setting up IQ dog-fooding
cc @bhamail / @DarthHater