Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

handle IQ policy Warning. #190

Merged
merged 4 commits into from
Sep 22, 2020
Merged

handle IQ policy Warning. #190

merged 4 commits into from
Sep 22, 2020

Conversation

bhamail
Copy link
Contributor

@bhamail bhamail commented Sep 22, 2020

Print a message with a hint about policy Warnings from IQ.

Discovered while setting up IQ dog-fooding

cc @bhamail / @DarthHater

DarthHater
DarthHater reviewed Sep 22, 2020
View reviewed changes
internal/cmd/iq.go Outdated Show resolved Hide resolved
DarthHater
DarthHater reviewed Sep 22, 2020
View reviewed changes
Makefile Outdated
@@ -43,8 +43,14 @@ test: build
$(GOTEST) -v ./... 2>&1

integration-test: build
# temporary workaround, remove next line when x/net false positive is fixed
echo 'CVE-2018-17142\nCVE-2018-17846\nCVE-2018-17143\nCVE-2018-17847\nCVE-2018-17848' > packages/testdata/.nancy-ignore
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would add a CVN-111 until=2021-01-01 type thing to this, so they are only ever ignored for like a week or two. We really don't want to have these ignored forever if they become applicable.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes! Done: e313db8 Also added comment to Issue #189

DarthHater
DarthHater requested changes Sep 22, 2020
View reviewed changes
Copy link
Member

@DarthHater DarthHater left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Likely want to only ignore the CVEs until a specific date, asked for a change related to that

@bhamail bhamail merged commit 3c770ba into master Sep 22, 2020
@bhamail bhamail deleted the iq_warning branch September 22, 2020 21:41
zendern pushed a commit to zendern/nancy that referenced this pull request Apr 16, 2021
@bhamail @zendern
handle IQ policy Warning. (sonatype-nexus-community#190)
7a7699a 
* handle IQ policy Warning.
* workaround x/net false positive
zendern pushed a commit to zendern/nancy that referenced this pull request Mar 7, 2022
@bhamail @zendern
handle IQ policy Warning. (sonatype-nexus-community#190)
739490e 
* handle IQ policy Warning.
* workaround x/net false positive
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DarthHater DarthHater DarthHater approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@bhamail @DarthHater