Add OSV Scanner for vulnerability scans #8021

Merged
merged 4 commits into from Apr 29, 2024

stnguyen90
Contributor

What does this PR do?

This workflow action uses OSV Scanner, an open source vulnerability
scanner by Google. We're using OSV Scanner because it has:

  • good usability - JSON output and multiple options
  • good accuracy - OSV database from Google and support
    for multiple languages including PHP

Test Plan

None

Related PRs and Issues

Checklist

  • Have you read the Contributing Guidelines on issues?
  • If the PR includes a change to an API's metadata (desc, label, params, etc.), does it also include updated API specs and example docs?

Akhil Anand and others added 4 commits October 5, 2023 16:22
This workflow action uses OSV Scanner, an open source vulnerability
scanner by Google. We're using OSV Scanner because it has:

* good usability - JSON output and multiple options
* good accuracy - OSV database from Google and support
  for multiple languages including PHP
@github-advanced-security

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@stnguyen90 stnguyen90 marked this pull request as ready for review April 24, 2024 23:27
@abnegate
Contributor

@stnguyen90 I don't see any analysis results here. The comment above makes it sound like there should be results even if there were no issues detected. Is that correct?

@stnguyen90
Contributor Author

@abnegate I think it'll show up once this is merged and the scan runs on main.

@abnegate abnegate merged commit dd1213c into main Apr 29, 2024
23 checks passed
@abnegate abnegate deleted the feat-vulnerability-scanner branch April 29, 2024 23:17