Use SARIF schema when reporting flaws to GitHub #365

Open
fridex opened this issue Dec 20, 2021 · 9 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature. lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. needs-triage Indicates an issue or PR lacks a `triage/...` label and requires one. sig/user-experience Issues or PRs related to the User Experience of our Services, Tools, and Libraries. triage/needs-information Indicates an issue needs more information in order to work on it.

Comments

@fridex
Contributor

fridex commented Dec 20, 2021

Is your feature request related to a problem? Please describe.

See https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning

@fridex fridex added kind/feature Categorizes issue or PR as related to a new feature. needs-triage Indicates an issue or PR lacks a `triage/...` label and requires one. labels Dec 20, 2021
@goern
Member

goern commented Jan 10, 2022

Which component would report these flaws? How is the discovery of flaws triggered?

@codificat
Member

/triage needs-information

@sesheta sesheta added the triage/needs-information Indicates an issue needs more information in order to work on it. label Jan 31, 2022
@goern goern removed the needs-triage Indicates an issue or PR lacks a `triage/...` label and requires one. label Feb 16, 2022
@goern
Member

goern commented Apr 4, 2022

/sig user-experience

@sesheta sesheta added the sig/user-experience Issues or PRs related to the User Experience of our Services, Tools, and Libraries. label Apr 4, 2022
@sesheta
Member

sesheta commented Jul 3, 2022

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

/lifecycle stale

@sesheta sesheta added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jul 3, 2022
@sesheta
Member

sesheta commented Aug 2, 2022

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

/lifecycle rotten

@sesheta sesheta added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Aug 2, 2022
@sesheta
Member

sesheta commented Sep 1, 2022

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

/close

@sesheta sesheta closed this as completed Sep 1, 2022
@sesheta
Member

sesheta commented Sep 1, 2022

@sesheta: Closing this issue.

In response to this:

Rotten issues close after 30d of inactivity.
Reopen the issue with /reopen.
Mark the issue as fresh with /remove-lifecycle rotten.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@mayaCostantini mayaCostantini reopened this Sep 4, 2022
@sesheta
Member

sesheta commented Sep 4, 2022

@fridex: This issue is currently awaiting triage.
If a refinement session determines this is a relevant issue, it will accept the issue by applying the
triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.


@sesheta sesheta added the needs-triage Indicates an issue or PR lacks a `triage/...` label and requires one. label Sep 4, 2022
@codificat codificat moved this to 🏗 In progress in Planning Board Sep 24, 2022
@Gkrumbach07 Gkrumbach07 moved this from 🏗 In progress to 📋 Backlog in Planning Board Sep 29, 2022
@harshad16
Member

/remove-lifecycle rotten
/lifecycle frozen

@sesheta sesheta added lifecycle/frozen Indicates that an issue or PR should not be auto-closed due to staleness. and removed lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. labels Oct 4, 2022
Projects
Status: 📋 Backlog
Development

No branches or pull requests

6 participants