Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enable BinSkim scan in nightly validation #8976

Merged
merged 2 commits into from
Jun 30, 2023

Conversation

MilenaHristova
Copy link
Contributor

Enabling BinSkim scan over build artifacts in Validate-DotNet pipeline
Issue: dotnet/arcade-services#2647

@andriipatsula will merge this once the change in the pipeline is tested. After the validation pipeline run you can expect a TSA email with some alerts from the BinSkim scan

Copy link
Member

@andriipatsula andriipatsula left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We are required to run SDL tools on official builds and implement automated bug filling for the tools output. Currently we are running SDL checks over the source code in the nightly builds and in the .NET staging pipeline, but to be compliant we need to also run BinSkim over the produced artifacts.

This PRs is enabling BinSkim checks in the nightly run of Validate-DotNet pipeline.

@andriipatsula
Copy link
Member

@JanKrivanek can you please merge this PR. I see a message "The base branch restricts merging to authorized users".

@JanKrivanek JanKrivanek merged commit 021b81b into dotnet:main Jun 30, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants