Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add new security recommendation (add new external package to the project #2515

Merged
merged 5 commits into from
Feb 14, 2024
Merged

Add new security recommendation (add new external package to the project #2515

merged 5 commits into from
Feb 14, 2024

Conversation

helen-laktionova
Copy link
Collaborator

@helen-laktionova helen-laktionova commented Feb 12, 2024
edited
Loading

PR Description

@lenadoc , @andriitserkovnyi the Security team checked the PR.
Please merge it

Checklist

  • I agree with the Code Contribution License Agreement in CONTRIBUTING.md

lapin-sergej
lapin-sergej reviewed Feb 12, 2024
View reviewed changes
docs/scos/dev/guidelines/coding-guidelines/secure-coding-practices-external-packages.md Outdated

### Check security (now and future)

1. Check that package has no known security vulnarabilities.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Check that the package has no known security vulnerabilities.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed! Thank you!

lapin-sergej
lapin-sergej reviewed Feb 12, 2024
View reviewed changes
docs/scos/dev/guidelines/coding-guidelines/secure-coding-practices-external-packages.md Outdated
### Check security (now and future)

1. Check that package has no known security vulnarabilities.
2. Add automated tool to your CI/CD to check it regularly for all the packages.
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add an automated SAST&SCA tool to your CI/CD to check it regularly for all the packages.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed! Thank you!

@lenadoc lenadoc added the new PR contains a new document label Feb 14, 2024
@lenadoc lenadoc merged commit 48a746d into master Feb 14, 2024
12 of 14 checks passed
@lenadoc lenadoc deleted the new-security-recomendation branch February 14, 2024 13:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lapin-sergej lapin-sergej lapin-sergej left review comments

@ppechlivanis-spryker ppechlivanis-spryker ppechlivanis-spryker left review comments

@andriitserkovnyi andriitserkovnyi Awaiting requested review from andriitserkovnyi

@lenadoc lenadoc Awaiting requested review from lenadoc

Assignees
No one assigned
Labels
new PR contains a new document
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@helen-laktionova @lapin-sergej @ppechlivanis-spryker @lenadoc