Github Reusable Workflow - being able to fail to job by a minimum severity #712

fingeromer · 2023-12-18T17:46:01Z

Hi, is there a way to set a minimum CVSS for failing the reusable PR scanner workflow?
For example, new package with CVE of 2.1 CVSS, only print log, but won't fail the step.

oliverchang · 2023-12-18T22:44:28Z

Extending on this, it might make sense to keep this consistent with the prioritisation mechanisms for guided remediation: #352

minimum severity
maximum dependency depth
dev vs non dev

github-actions · 2024-07-19T18:02:44Z

This issue has not had any activity for 60 days and will be automatically closed in two weeks

github-actions · 2024-08-02T19:00:50Z

Automatically closing stale issue

oliverchang added the enhancement New feature or request label Dec 18, 2023

github-actions bot added the stale The issue or PR is stale and pending automated closure label Jul 19, 2024

github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Aug 2, 2024

another-rex added backlog Important but currently unprioritized and removed stale The issue or PR is stale and pending automated closure labels Aug 7, 2024

another-rex reopened this Aug 7, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Github Reusable Workflow - being able to fail to job by a minimum severity #712

Github Reusable Workflow - being able to fail to job by a minimum severity #712

fingeromer commented Dec 18, 2023 •

edited

Loading

oliverchang commented Dec 18, 2023

github-actions bot commented Jul 19, 2024

github-actions bot commented Aug 2, 2024

Github Reusable Workflow - being able to fail to job by a minimum severity #712

Github Reusable Workflow - being able to fail to job by a minimum severity #712

Comments

fingeromer commented Dec 18, 2023 • edited Loading

oliverchang commented Dec 18, 2023

github-actions bot commented Jul 19, 2024

github-actions bot commented Aug 2, 2024

fingeromer commented Dec 18, 2023 •

edited

Loading