🐛 Updates osv-scanner dependency to 1.2.0. #2704
Merged: spencerschrock merged 3 commits into ossf:main from another-rex:update-osv-scanner-dependency (Mar 9, 2023)
another-rex requested review from azeemshaikh38, justaugustus, laurentsimon, naveensrinivasan, spencerschrock and raghavkaul as code owners (March 1, 2023 03:02)
another-rex force-pushed the update-osv-scanner-dependency branch from a0f821d to 17931e3 (March 1, 2023 03:04)
Codecov Report
Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2704      +/-   ##
==========================================
- Coverage   49.87%   49.86%   -0.02%
==========================================
  Files         156      156
  Lines       11572    11576       +4
==========================================
  Hits         5772     5772
- Misses       5450     5454       +4
  Partials      350      350
laurentsimon reviewed (Mar 1, 2023)
laurentsimon approved these changes (Mar 2, 2023)
Updated the osv-scanner version to a pseudo version 1.2.1-0.20230302232134-592acbc2539b, which contains some extra fixes, notably:
@spencerschrock fyi
@another-rex Thanks for the pseudo update. If you could just DCO your last commit I can get this merged in.
another-rex force-pushed the update-osv-scanner-dependency branch from 3e10b82 to 05cd7f8 (March 8, 2023 23:10)
The 1.0 release changed the return value for osv-scanner to output an error when vulnerabilities are found, modified to handle this error correctly.
Signed-off-by: Rex Pan <rexpan@google.com>
Signed-off-by: Rex Pan <rexpan@google.com>
Signed-off-by: Rex Pan <rexpan@google.com>
spencerschrock force-pushed the update-osv-scanner-dependency branch from 05cd7f8 to 72a5a90 (March 8, 2023 23:53)
Shofiya2003 pushed a commit to Shofiya2003/scorecard that referenced this pull request (Mar 10, 2023)

* Updates osv-scanner dependency to 1.2.0.

  The 1.0 release changed the return value for osv-scanner to output an error when vulnerabilities are found, modified to handle this error correctly.

  Signed-off-by: Rex Pan <rexpan@google.com>

* Add some additional comments

  Signed-off-by: Rex Pan <rexpan@google.com>

* Update osv-scanner to include SBOM and logging fixes

  Signed-off-by: Rex Pan <rexpan@google.com>

---------

Signed-off-by: Rex Pan <rexpan@google.com>
Signed-off-by: Shofiya2003 <shofiyabootwala@gmail.com>
What kind of change does this PR introduce?
Updates osv-scanner dependency to 1.2.0 from 0.0.0.
The 1.0 release changed the return value for osv-scanner to output an error when vulnerabilities are found, modified to handle this error correctly. This will fix ossf/scorecard-action#1092 once it is also updated.
Which issue(s) this PR fixes
ossf/scorecard-action#1092
Special notes for your reviewer
Does this PR introduce a user-facing change?
No
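
The return-value change described in this PR, sketched as an added example; it is not code from scorecard or osv-scanner. The names `errVulnerabilitiesFound`, `scanResult`, `scanFunc` and `listVulnerabilities` are hypothetical stand-ins and the advisory IDs are constructed. It shows a caller treating the "vulnerabilities found" error as a result while still propagating real scan failures.

```go
package main

import (
	"errors"
	"fmt"
)

// errVulnerabilitiesFound is a hypothetical stand-in for the sentinel error a
// scanner returns alongside valid results when it finds vulnerabilities.
var errVulnerabilitiesFound = errors.New("vulnerabilities found")

// scanResult is a hypothetical result type: IDs of the advisories found.
type scanResult struct{ IDs []string }

// scanFunc models the scanner entry point: since the behaviour change, a
// non-nil error does not always mean the scan failed.
type scanFunc func(dir string) (scanResult, error)

// listVulnerabilities separates three outcomes: clean, findings, failure.
func listVulnerabilities(scan scanFunc, dir string) ([]string, error) {
	res, err := scan(dir)
	switch {
	case err == nil:
		return nil, nil // scan ran, nothing found
	case errors.Is(err, errVulnerabilitiesFound):
		return res.IDs, nil // findings are data, not a failure
	default:
		// A real failure must propagate; swallowing it would report a
		// repository as clean when it was never scanned.
		return nil, fmt.Errorf("vulnerability scan of %q failed: %w", dir, err)
	}
}

func main() {
	// Constructed scanners, one per outcome.
	clean := func(string) (scanResult, error) { return scanResult{}, nil }
	vulnerable := func(string) (scanResult, error) {
		res := scanResult{IDs: []string{"EXAMPLE-0001", "EXAMPLE-0002"}}
		// Wrapped, as a library may add context; errors.Is still matches.
		return res, fmt.Errorf("2 packages affected: %w", errVulnerabilitiesFound)
	}
	broken := func(string) (scanResult, error) {
		return scanResult{}, errors.New("lockfile unreadable")
	}
	for name, s := range map[string]scanFunc{"clean": clean, "vulnerable": vulnerable, "broken": broken} {
		ids, err := listVulnerabilities(s, "./repo")
		fmt.Printf("%-10s ids=%v err=%v\n", name, ids, err)
	}
}
```

Comparing with `errors.Is` rather than `==` keeps the check working if the sentinel is wrapped with extra context.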