CI integration #27

Open
1 of 2 tasks
MangoIV opened this issue May 23, 2024 · 6 comments
Labels
enhancement New feature or request

Comments

@MangoIV
Owner

MangoIV commented May 23, 2024

It would be good to offer a --ci option that does sensible things for running in CI; there would have to be a config file to specify advisories that are not applicable, etc.

  • setting a non-zero exit code if warnings occur
  • ignore certain advisories

@MangoIV added the enhancement label Jun 6, 2024

@telser

telser commented Jun 7, 2024

@MangoIV Would this include setting a non-zero exit code? I was just noticing that it is currently 0 even with a vulnerability.

@MangoIV
Owner Author

MangoIV commented Jun 7, 2024

Yes, that’s possible! Good idea. For the standard tool I would not do this though.

@telser

telser commented Jun 7, 2024

> Yes, that’s possible! Good idea. For the standard tool I would not do this though.

Awesome, thank you! Some option to fail CI will be great.

@elland
Collaborator

elland commented Jun 8, 2024

TODO:

  • Allow ignoring specific advisories for a given package and version range
  • Specify if finding advisories is a warning or an error with non-zero exit codes so CI steps can fail.
  • Define a configuration file schema.

@NorfairKing

I'd like this!

@MangoIV
Owner Author

MangoIV commented Jun 30, 2024

@elland how is this going, should I take over?
