-
Notifications
You must be signed in to change notification settings - Fork 122
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Requirement: Static source code analysis daily or per commit #985
Comments
Coverity is supposed to be updated at least daily. However, it currently says that the last build was a month ago. I am still unclear as to how we submit build requests, cc @nodejs/build. |
node-daily-coverity runs the scanning tool daily and submits the results to Coverity. The uploads are being rejected: nodejs/build#3343 |
I think the requirement is met, we just need to get coverity going again. |
As discussed in nodejs#985
Thanks for the additional information. I updated the PR in ac1e6c7 👍 |
* feat: copied passing criterial Questions and Answers * fix: updated link See: https://github.com/nodejs/security-wg/pull/954/files#r1179648034 * docs: static source code analysis is a met criteria As discussed in #985 * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Tobias Nießen <tniessen@tnie.de> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com> * Update tools/ossf_best_practices/passing_criteria.md --------- Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> Co-authored-by: Tobias Nießen <tniessen@tnie.de> Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com>
* feat: copied passing criterial Questions and Answers * fix: updated link See: https://github.com/nodejs/security-wg/pull/954/files#r1179648034 * docs: static source code analysis is a met criteria As discussed in nodejs/security-wg#985 * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Tobias Nießen <tniessen@tnie.de> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com> * Update tools/ossf_best_practices/passing_criteria.md --------- Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> Co-authored-by: Tobias Nießen <tniessen@tnie.de> Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com>
* feat: copied passing criterial Questions and Answers * fix: updated link See: https://github.com/nodejs/security-wg/pull/954/files#r1179648034 * docs: static source code analysis is a met criteria As discussed in nodejs/security-wg#985 * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Tobias Nießen <tniessen@tnie.de> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> * Update tools/ossf_best_practices/passing_criteria.md Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com> * Update tools/ossf_best_practices/passing_criteria.md --------- Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com> Co-authored-by: Tobias Nießen <tniessen@tnie.de> Co-authored-by: Rafael Gonzaga <rafael.nunu@hotmail.com>
Original discussion: https://github.com/nodejs/security-wg/pull/954/files#r1167970826 @mhdawson @tniessen
Currently this requirement is UNMET
The text was updated successfully, but these errors were encountered: