Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updates to support full CSAF capability #53

Merged
merged 8 commits into from
Sep 20, 2022
Merged

Updates to support full CSAF capability #53

merged 8 commits into from
Sep 20, 2022

Conversation

sei-vsarvepalli
Copy link
Contributor

sei-vsarvepalli and others added 4 commits September 9, 2022 17:13
@sei-vsarvepalli
SBOM updated
6901690 
SBOM updated to latest format
@sei-vsarvepalli
SBOM Updates
92ea22d 
Signed-off-by: Vijay Sarvepalli (SEI) <[email protected]>
@sei-vsarvepalli
Full CSAF support v1.50.3
80f4080 
Signed-off-by: Vijay Sarvepalli (SEI) <[email protected]>
@sei-vsarvepalli
Update of CHANGELOG and version
569d28e 
Signed-off-by: Vijay Sarvepalli (SEI) <[email protected]>
@sei-vsarvepalli sei-vsarvepalli added the enhancement New feature or request label Sep 16, 2022
@sei-vsarvepalli sei-vsarvepalli self-assigned this Sep 16, 2022
@sei-vsarvepalli sei-vsarvepalli added the documentation Improvements or additions to documentation label Sep 16, 2022
jwoytek
jwoytek reviewed Sep 16, 2022
View reviewed changes
github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 16, 2022
View reviewed changes
vincepub/templates/vincepub/vudetailnew.html
@@ -101,6 +101,10 @@
{% if vuln.cve %}
<a href="http://web.nvd.nist.gov/vuln/detail/{{ vuln.vul }}">{{ vuln.vul }} </a>
{% endif %}
<tr>
<td><b>API URL: </b></td>
<td><a href="{% url 'vincepub:index' %}api/{{ object.idnumber }}/" target="_blank">VINCE JSON</a> | <a href="{% url 'vincepub:vulcsaf' object.idnumber %}" target="_blank">CSAF</a></td>

Check warning

Code scanning / CodeQL

Potentially unsafe external link

External links without noopener/noreferrer are a potential security risk.
ahouseholder
ahouseholder requested changes Sep 20, 2022
View reviewed changes
Copy link

@ahouseholder ahouseholder left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had a few suggestions in the settings_.py file, and a question about a CodeQL error. Once those are addressed I think this is ok to merge.

@sei-vsarvepalli
Copy link
Contributor Author

Yep - will update these. It is a good idea. CodeQL is a false/positive as the link is local.

Vijay

@sei-vsarvepalli sei-vsarvepalli merged commit a68ea58 into CERTCC:main Sep 20, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jwoytek jwoytek jwoytek left review comments

@ahouseholder ahouseholder ahouseholder requested changes

@ehatleback ehatleback Awaiting requested review from ehatleback

Assignees

@sei-vsarvepalli sei-vsarvepalli

Labels
documentation Improvements or additions to documentation enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Case Machine Readable Format
3 participants
@sei-vsarvepalli @ahouseholder @jwoytek