Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Included dependency review #3127

Merged
merged 1 commit into from
May 24, 2022
Merged

chore(deps): Included dependency review #3127

merged 1 commit into from
May 24, 2022

Conversation

naveensrinivasan
Copy link
Contributor

Dependency Review GitHub Action in your repository to enforce dependency reviews on your pull requests.
The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests,
and warns you about the associated security vulnerabilities.
This gives you better visibility of what's changing in a pull request,
and helps prevent vulnerabilities being added to your repository.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement

@naveensrinivasan
Copy link
Contributor Author

@nixpanic 👀

@Madhu-1 Madhu-1 added component/testing Additional test cases or CI work ci/skip/e2e skip running e2e CI jobs labels May 19, 2022
yati1998
yati1998 requested changes May 19, 2022
View reviewed changes
Copy link
Contributor

@yati1998 yati1998 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please check the CI errors. You need to check the commit messgae.

@naveensrinivasan
Copy link
Contributor Author

Please check the CI errors. You need to check the commit messgae.

I took care of PTAL. Thanks

@naveensrinivasan naveensrinivasan force-pushed the naveensrinivasan/deps-review branch 2 times, most recently from 064a9c0 to 7a8854a Compare May 19, 2022 11:51
@naveensrinivasan
Copy link
Contributor Author

I am not trying to be hard. The commit message length is an issue because my DCO is longer than 80 characters. How do you address those issues?

@nixpanic
Copy link
Member

I am not trying to be hard. The commit message length is an issue because my DCO is longer than 80 characters. How do you address those issues?

It seems I used "Naveen" as name in 09f8ee0 earlier. If you want, I can take this PR forward as well.

@naveensrinivasan
Copy link
Contributor Author

I am not trying to be hard. The commit message length is an issue because my DCO is longer than 80 characters. How do you address those issues?

It seems I used "Naveen" as name in 09f8ee0 earlier. If you want, I can take this PR forward as well.

Please do. Thanks

@nixpanic nixpanic force-pushed the naveensrinivasan/deps-review branch from 7a8854a to 9b14195 Compare May 23, 2022 15:51
@nixpanic nixpanic self-requested a review May 23, 2022 15:53
@nixpanic nixpanic force-pushed the naveensrinivasan/deps-review branch from 9b14195 to 8ee4939 Compare May 23, 2022 16:00
nixpanic
nixpanic previously approved these changes May 23, 2022
View reviewed changes
@mergify mergify bot dismissed nixpanic’s stale review May 23, 2022 16:01

Pull request has been modified.

@Madhu-1
Copy link
Collaborator

Madhu-1 commented May 24, 2022

@yati1998 PTAL

@naveensrinivasan @mergify
ci: included dependency review
3dbb9a2 
Dependency Review GitHub Action in your repository to enforce dependency
reviews on your pull requests.

Signed-off-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
@mergify mergify bot merged commit 60281fa into ceph:devel May 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Madhu-1 Madhu-1 Madhu-1 approved these changes

@yati1998 yati1998 yati1998 approved these changes

@nixpanic nixpanic nixpanic left review comments

Assignees
No one assigned
Labels
ci/skip/e2e skip running e2e CI jobs component/testing Additional test cases or CI work
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@naveensrinivasan @nixpanic @Madhu-1 @yati1998