Closed Jin-Sun-tts closed 2 weeks ago
So this test is checking for the presence of this SSL_free_buffers
call in our dependencies? Should we be running it after every build
or update_dependencies
?
@btylerburton and @FuhuXia , added this step in the github workfile commit, it takes about 40s.
40s is a little too much , but since it runs paralleled to the 10-min Build and Test, this 40s does not slow down anything.
Added an option in the Makefile to check for vulnerable function SSL_free_buffers usage.
Related issues: https://github.com/GSA/data.gov/issues/4781 https://github.com/GSA/data.gov/issues/4782