Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: request cve automatically #777

Merged
merged 12 commits into from
Apr 4, 2024
Merged

feat: request cve automatically #777

merged 12 commits into from
Apr 4, 2024

Conversation

marco-ippolito
Copy link
Member

@marco-ippolito marco-ippolito commented Mar 8, 2024
edited
Loading

the command git-node security --request-cve
will read the vulnerabilities.json and request a cve for each report, if does not find the severity in the report will try to fetch it from hackerone, we can probably make the json path optional and try to read it from the standard location

@marco-ippolito marco-ippolito force-pushed the feat/automate-cve-creation branch 2 times, most recently from 0e74e96 to 2cf417b Compare March 8, 2024 09:55
@codecov Codecov
Copy link

codecov bot commented Mar 8, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 82.97%. Comparing base (59526a8) to head (a9505eb).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #777   +/-   ##
=======================================
  Coverage   82.97%   82.97%           
=======================================
  Files          37       37           
  Lines        4200     4200           
=======================================
  Hits         3485     3485           
  Misses        715      715

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@marco-ippolito marco-ippolito force-pushed the feat/automate-cve-creation branch 2 times, most recently from 4f7ae71 to 4dd90a2 Compare March 8, 2024 13:57
@marco-ippolito marco-ippolito mentioned this pull request Mar 13, 2024
Open
@marco-ippolito
Copy link
Member Author

cc @RafaelGSS

@marco-ippolito marco-ippolito force-pushed the feat/automate-cve-creation branch 2 times, most recently from ae94214 to 10b3680 Compare March 20, 2024 14:43
@marco-ippolito
Copy link
Member Author

this needs to land before: #780

@marco-ippolito marco-ippolito force-pushed the feat/automate-cve-creation branch 3 times, most recently from 47a5e7e to 6c9e091 Compare March 26, 2024 08:01
@marco-ippolito marco-ippolito marked this pull request as ready for review March 27, 2024 11:47
RafaelGSS
RafaelGSS reviewed Mar 27, 2024
View reviewed changes
components/git/security.js Outdated Show resolved Hide resolved
components/git/security.js Outdated Show resolved Hide resolved
lib/h1-cve.js Outdated Show resolved Hide resolved
lib/h1-cve.js Outdated Show resolved Hide resolved
lib/h1-cve.js Outdated Show resolved Hide resolved
lib/h1-cve.js Outdated Show resolved Hide resolved
lib/h1-cve.js Outdated Show resolved Hide resolved
lib/h1-cve.js Outdated Show resolved Hide resolved
@marco-ippolito marco-ippolito force-pushed the feat/automate-cve-creation branch 2 times, most recently from aee7183 to 70b871c Compare April 1, 2024 13:53
@marco-ippolito
Copy link
Member Author

reminder to remove createdAt and always set cve creation as today

@RafaelGSS
Copy link
Member

@marco-ippolito would you mind creating a list of tasks remaining for this PR?

  • createdAt
  • ...

@RafaelGSS RafaelGSS merged commit 8a04848 into nodejs:main Apr 4, 2024
11 checks passed
@github-actions github-actions bot mentioned this pull request Apr 4, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RafaelGSS RafaelGSS RafaelGSS approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@marco-ippolito @RafaelGSS