derek[bot]
commented
8 months ago Thank you for your contribution. unfortunately, one or more of your commits are missing the required "Signed-off-by:" statement. Signing off is part of the Developer Certificate of Origin (DCO) which is used by this project.
Read the DCO and project contributing guide carefully, and amend your commits using the git CLI. Note that this does not require any cryptography, keys or special steps to be taken.
:bulb: Shall we fix this?
This will only take a few moments.
First, clone your fork and checkout this branch using the git CLI.
Next, set up your real name and email address:
git config --global user.name "Your Full Name"
git config --global user.email "you@domain.com"
Finally, run one of these commands to add the "Signed-off-by" line to your commits.
If you only have one commit so far then run: git commit --amend --signoff and then git push --force.
If you have multiple commits, watch this video.
Check that the message has been added properly by running "git log".
alexellis
What happened?
There are 1 security vulnerabilities found in golang.org/x/crypto v0.14.0
What did I do?
Upgrade golang.org/x/crypto from v0.14.0 to 0.17.0 for vulnerability fix
What did you expect to happen?
Ideally, no insecure libs should be used.
How can we automate the detection of these types of issues?
By using the GitHub Actions configurations provided by murphysec, we can conduct automatic code security checks in our CI pipeline.
The specification of the pull request
PR Specification from OSCS