Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix security config #8

Closed
wants to merge 4 commits into from
Closed

Fix security config #8

wants to merge 4 commits into from

Conversation

scherersebastian
Copy link
Member

Where is the frontend container scan (still in catena-x(ng))?
Codeql is not mandatory anymore - you can keep it if you want. Veracode also performs SAST and is much better.

@scherersebastian
Delete codeql-config.yml
e460f37 
Codeql is not mandatory anymore - if you still want to use it, keep it
@scherersebastian
Delete codeql.yml
673aba2
@scherersebastian
Update kics.yml
aac95e9
@scherersebastian
Use latest tag
864b71f
@scherersebastian
Copy link
Member Author

If you want to exclude findings, please briefly comment why they are not relevant.
Looked through a few of the related commits, wasn't there. Unfortunarely, I am not allowed to see the comments in the security dashboard.

@ds-ext-kmassalski ds-ext-kmassalski mentioned this pull request Jan 17, 2023
Merged
@ds-jkreutzfeld
Copy link
Member

Thank you for the proposal. :) We actually updated some of this stuff and also removed exclusions where possible (and added comments for those that are still there).
We decided to keep CodeQL for now due to the quick feedback in PRs. This might change in the future.

I would suggest to close the PR as your ideas have been implemented by now.

@scherersebastian scherersebastian closed this by deleting the head repository Jan 24, 2023
ds-mwesener added a commit to Cofinity-X/entry-item-relationship-service that referenced this pull request Oct 2, 2024
@ds-mwesener
Merge pull request eclipse-tractusx#8 from Cofinity-X/chore/TRX-50-co…
6fdfc96 
…finity-docker-image-workflow

chore: [TRX-50] create docker image build workflow for cofinity image
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@scherersebastian @ds-jkreutzfeld