Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: update grype configuration #1777

Merged
merged 1 commit into from
Feb 7, 2025
Merged

fix: update grype configuration #1777

merged 1 commit into from
Feb 7, 2025

Conversation

samayer12
Copy link
Contributor

@samayer12 samayer12 commented Feb 7, 2025
edited
Loading

Description

CVE-2025-0395 flagged in our upstream container images an causes CI to fail. While we wait on a fix, we've opted to ignore this finding so that CI pipelines are unblocked. We'll remove this suppression within 60 days (see #1778).

End to End Test:
(See Pepr Excellent Examples)

Related Issue

hotfix

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Other (security config, docs update, etc)

Checklist before merging

@samayer12 samayer12 requested a review from a team as a code owner February 7, 2025 16:13
@codecov Codecov
Copy link

codecov bot commented Feb 7, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 82.05%. Comparing base (47c827e) to head (d080201).
Report is 1 commits behind head on main.

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #1777   +/-   ##
=======================================
  Coverage   82.05%   82.05%           
=======================================
  Files          52       52           
  Lines        2212     2212           
  Branches      469      436   -33     
=======================================
  Hits         1815     1815           
- Misses        368      395   +27     
+ Partials       29        2   -27

see 7 files with indirect coverage changes

@samayer12 samayer12 mentioned this pull request Feb 7, 2025
Open
@cmwylie19 cmwylie19 added this pull request to the merge queue Feb 7, 2025
Merged via the queue into main with commit 7a787b9 Feb 7, 2025
49 checks passed
@cmwylie19 cmwylie19 deleted the hotfix-grype-suppression branch February 7, 2025 16:33
tamirazrab pushed a commit to tamirazrab/pepr that referenced this pull request Feb 10, 2025
@samayer12 @tamirazrab
fix: update grype configuration (defenseunicorns#1777)
6f9fbd8 
## Description

CVE-2025-0395 flagged in our upstream container images an causes CI to
fail. While we wait on a fix, we've opted to ignore this finding so that
CI pipelines are unblocked. We'll remove this suppression within 60 days
(see defenseunicorns#1778).

End to End Test:  <!-- if applicable -->  
(See [Pepr Excellent
Examples](https://github.com/defenseunicorns/pepr-excellent-examples))

## Related Issue

hotfix

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

## Checklist before merging
- [x] Unit,
[Journey](https://github.com/defenseunicorns/pepr/tree/main/journey),
[E2E Tests](https://github.com/defenseunicorns/pepr-excellent-examples),
[docs](https://github.com/defenseunicorns/pepr/tree/main/docs),
[adr](https://github.com/defenseunicorns/pepr/tree/main/adr) added or
updated as needed
- [x] [Contributor Guide
Steps](https://docs.pepr.dev/main/contribute/#submitting-a-pull-request)
followed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cmwylie19 cmwylie19 cmwylie19 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
Pepr Project Board
Status: ✅ Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@samayer12 @cmwylie19