search

nodejs / node-core-utils

CLI tools for Node.js Core collaborators
https://nodejs.github.io/node-core-utils/
MIT License
228 stars 105 forks source link

feat: request cve automatically #777

Closed marco-ippolito closed 3 weeks ago

marco-ippolito commented 1 month ago

the command git-node security --request-cve will read the vulnerabilities.json and request a cve for each report, if does not find the severity in the report will try to fetch it from hackerone, we can probably make the json path optional and try to read it from the standard location

codecov[bot] commented 1 month ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 82.97%. Comparing base (59526a8) to head (a9505eb).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #777 +/- ## ======================================= Coverage 82.97% 82.97% ======================================= Files 37 37 Lines 4200 4200 ======================================= Hits 3485 3485 Misses 715 715 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

marco-ippolito commented 1 month ago

cc @RafaelGSS

marco-ippolito commented 1 month ago

this needs to land before: https://github.com/nodejs/node-core-utils/pull/780

marco-ippolito commented 1 month ago

reminder to remove createdAt and always set cve creation as today

RafaelGSS commented 4 weeks ago

@marco-ippolito would you mind creating a list of tasks remaining for this PR?