Github Advisory not working due to skipping all CVE when not present at allowlist resource.
We also find out, during debug, that the bypass CVE feature wasn't working.
Why?
We were using the wrong data struct to evaluate if the CVE should be bypassed or not.
Also, were using DateTime at the logical validation, but using Date (time/today) at entrypoint calls.
Approach
Removed the :vulnerabilities call, and refactor the fn to be more readable.
Context
Github Advisory not working due to skipping all CVE when not present at allowlist resource. We also find out, during debug, that the bypass CVE feature wasn't working.
Why?
We were using the wrong data struct to evaluate if the CVE should be bypassed or not. Also, were using
DateTimeat the logical validation, but usingDate (time/today)at entrypoint calls.Approach
:vulnerabilitiescall, and refactor the fn to be more readable.time/nowat entrypoint call .