Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixes to the OSV rule_type and profile #1416

Merged
merged 1 commit into from
Nov 2, 2023
Merged

Fixes to the OSV rule_type and profile #1416

merged 1 commit into from
Nov 2, 2023

Conversation

jhrozek
Copy link
Contributor

@jhrozek jhrozek commented Nov 2, 2023

Turns out that writing docs finds issues.

  • the rule type was missing the sum_repository. Luckily the rule still works fine if it defined extra attributes, but we should declare all we use in the schema.
  • the example profile was using https://vuln.go.dev which is wrong as it doesn't directly expose the OSV endpoint (just an edpoint with a compressed file in the right format)

rdimitrov
rdimitrov reviewed Nov 2, 2023
View reviewed changes
Copy link
Member

@rdimitrov rdimitrov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice! 😃

Can you update the example in the doc too - https://github.com/stacklok/minder/blob/main/docs/docs/understand/profiles.md

@jhrozek
Fixes to the OSV rule_type and profile
4c4b38f 
- the rule type was missing the `sum_repository`. Luckily the rule still
  works fine if it defined extra attributes, but we should declare all
  we use in the schema.
- the example profile was using https://vuln.go.dev which is wrong as it
  doesn't directly expose the OSV endpoint (just an edpoint with a
  compressed file in the right format)
@jhrozek
Copy link
Contributor Author

jhrozek commented Nov 2, 2023

Nice! 😃

Can you update the example in the doc too - https://github.com/stacklok/minder/blob/main/docs/docs/understand/profiles.md

sure, thank you for the quick review.

@jhrozek jhrozek merged commit 38c1a98 into stacklok:main Nov 2, 2023
13 checks passed
@evankanderson evankanderson mentioned this pull request Nov 6, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rdimitrov rdimitrov rdimitrov left review comments

@evankanderson evankanderson evankanderson approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jhrozek @evankanderson @rdimitrov