Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rancher-partner-charts/0_git20241017 package update #31009

Merged
merged 1 commit into from
Oct 17, 2024
Merged

rancher-partner-charts/0_git20241017 package update #31009

merged 1 commit into from
Oct 17, 2024

Conversation

octo-sts[bot]
Copy link
Contributor

@octo-sts octo-sts bot commented Oct 17, 2024

@wolfi-bot
rancher-partner-charts/0_git20241017 package update
c46197d 
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
@octo-sts octo-sts bot added request-version-update request for a newer version of a package automated pr labels Oct 17, 2024
@octo-sts octo-sts bot mentioned this pull request Oct 17, 2024
Closed
@octo-sts Octo STS
Copy link
Contributor Author

octo-sts bot commented Oct 17, 2024

malcontent detected files with a risk score equal or higher than 'CRITICAL': Click to expand/collapse

/tmp/malcontent973118583/packages/x86_64/rancher-partner-charts-0_git20241017-r0.apk/var/lib/rancher-data/local-catalogs/v2/rancher-partner-charts/8f17acdce9bffd6e05a58a3798840e408c4ea71783381ecd2e9af30baad65974/scripts/pull-scripts [🚨 CRITICAL]

RISK KEY DESCRIPTION EVIDENCE
CRITICAL combo/dropper/shell change dir, fetch file, make it executable, and run it ./bin/charts-build-scripts --version
./scripts/build
./version
cd $
chmod +x ./bin/charts-build-scripts
curl -s -L ${CHARTS_BUILD_SCRIPTS_REPO

@octo-sts octo-sts bot added the bincapz/blocking Bincapz (aka malcontent) scan results detected CRITICALs on the packages. label Oct 17, 2024
@egibs egibs added the malcontent/reviewed The malcontent findings in this PR have been manually reviewed by security. label Oct 17, 2024
@egibs egibs mentioned this pull request Oct 17, 2024
Merged
powersj
powersj approved these changes Oct 17, 2024
View reviewed changes
Copy link
Contributor

@powersj powersj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving as small update and reviewed by malcontent.

@powersj powersj merged commit 97e2944 into main Oct 17, 2024
15 checks passed
@powersj powersj deleted the wolfictl-51afd3f2-352b-4ff7-a58f-9bb6a137b66a branch October 17, 2024 14:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@powersj powersj powersj approved these changes

Assignees
No one assigned
Labels
automated pr bincapz/blocking Bincapz (aka malcontent) scan results detected CRITICALs on the packages. malcontent/reviewed The malcontent findings in this PR have been manually reviewed by security. request-version-update request for a newer version of a package
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@powersj @egibs @wolfi-bot