Open vprashar2929 opened 3 months ago
github.com/onsi/ginkgo which is just for testing, hence ... @vprashar2929, do we have any good approach to show a real vul? btw, is it possible to make an XSS for exporter?
Is Snyk open for integration with GHA?
btw, should we use the template at https://github.com/sustainable-computing-io/kepler/security/advisories/new for the report?
after a quick review, IMO:
@vprashar2929, I suggest we follow https://www.first.org/cvss/v4.0/specification-document for our CVE report standard and reuse the https://github.com/sustainable-computing-io/kepler/security/advisories/new template.
Recently we ran a Snyk scan on openshift-power-monitoring/kepler, which is a fork of this repository. Upon running the scan, the following issues in the code were reported: