Use SARIF schema when reporting flaws to GitHub

thoth-station / core

Using Artificial Intelligence to analyse and recommend Software Stacks for Artificial Intelligence applications.

https://thoth-station.github.io/

GNU General Public License v3.0

28 stars 25 forks source link

Use SARIF schema when reporting flaws to GitHub #365

Open fridex opened 2 years ago

fridex commented 2 years ago

Is your feature request related to a problem? Please describe.

See https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning

goern commented 2 years ago

which component would report these flaws? how is the discovery of flaws triggered?

codificat commented 2 years ago

/triage needs-information

goern commented 2 years ago

/sig user-experience

sesheta commented 2 years ago

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

/lifecycle stale

sesheta commented 1 year ago

Stale issues rot after 30d of inactivity. Mark the issue as fresh with /remove-lifecycle rotten. Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

/lifecycle rotten

sesheta commented 1 year ago

Rotten issues close after 30d of inactivity. Reopen the issue with /reopen. Mark the issue as fresh with /remove-lifecycle rotten.

/close

sesheta commented 1 year ago

@sesheta: Closing this issue.

In response to [this](https://github.com/thoth-station/core/issues/365#issuecomment-1234467200): >Rotten issues close after 30d of inactivity. >Reopen the issue with `/reopen`. >Mark the issue as fresh with `/remove-lifecycle rotten`. > >/close Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

sesheta commented 1 year ago

@fridex: This issue is currently awaiting triage. If a refinement session determines this is a relevant issue, it will accept the issue by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

harshad16 commented 1 year ago

/remove-lifecycle rotten /lifecycle frozen