Github Advisory not working due to skipping all CVE when not present at allowlist resource.
We also find out, during debug, that the bypass CVE feature wasn't working.
Why?
We were using the wrong data struct to evaluate if the CVE should be bypassed or not.
Also, were using DateTime at the logical validation, but using Date (time/today) at entrypoint calls.
Approach
Removed the :vulnerabilities call, and refactor the fn to be more readable.
Context
Github Advisory not working due to skipping all CVE when not present at allowlist resource. We also find out, during debug, that the bypass CVE feature wasn't working.
Why?
We were using the wrong data struct to evaluate if the CVE should be bypassed or not. Also, were using
DateTime
at the logical validation, but usingDate (time/today)
at entrypoint calls.Approach
:vulnerabilities
call, and refactor the fn to be more readable.time/now
at entrypoint call .