Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue #73: Release of CT Starter Kit Dependabot narrative. ... #84

Merged
merged 6 commits into from
Feb 3, 2023
Merged

Issue #73: Release of CT Starter Kit Dependabot narrative. ... #84

merged 6 commits into from
Feb 3, 2023

Conversation

jpl-jengelke
Copy link
Contributor

Purpose

  • SLIM Starter Kit/Continuous Testing with Dependabot sample to illustrate Software Composition Analysis (SCA)

Proposed Changes

  • Add Dependabot starter kit for:
    • Dependency updates
    • Security scanning of OSS dependencies

Issues

Testing

@jpl-jengelke jpl-jengelke requested a review from riverma December 16, 2022 15:39
@jpl-jengelke jpl-jengelke self-assigned this Dec 16, 2022
@jpl-jengelke
Issue #73: Adding Dependabot version and security updates to the soft…
7750038 
…ware composition analysis section of the continuous testing starter kit. ...
@jpl-jengelke jpl-jengelke changed the title Issue #73: Initial setup of CT Starter Kit narrative. ... Issue #73: Release of CT Starter Kit narrative. ... Dec 19, 2022
@jpl-jengelke jpl-jengelke marked this pull request as ready for review December 19, 2022 21:01
@jpl-jengelke
Copy link
Contributor Author

Please review. Here's the Starter Kit in context:
https://github.com/NASA-AMMOS/slim/blob/issue_73/continuous-testing/starter-kits/README.md

@jpl-jengelke jpl-jengelke mentioned this pull request Dec 19, 2022
Merged
riverma
riverma reviewed Dec 19, 2022
View reviewed changes
Copy link
Collaborator

@riverma riverma left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Really good stuff here @jpl-jengelke! Some comments / suggestions cited, but overall I think this is very clear and helpful. I like that you’ve provided background and context for the Dependabot SK’s. Thanks for this contribution!

continuous-testing/starter-kits/README.md Show resolved Hide resolved
continuous-testing/starter-kits/README.md Outdated Show resolved Hide resolved
continuous-testing/starter-kits/README.md Outdated Show resolved Hide resolved
continuous-testing/starter-kits/README.md Show resolved Hide resolved
@jpl-jengelke
Copy link
Contributor Author

Changes made. Please re-review to add any additional comments.

@jpl-jengelke
Issue #73: Consistency in link destinations -- repointed to 'main' wh…
8fd0be4 
…ich will not have some files until another PR is merged. ...
@jpl-jengelke
Copy link
Contributor Author

The Dependabot file is currently on the develop branch pending review at: https://github.com/NASA-AMMOS/slim-starterkit-python/blob/develop/.github/dependabot.yml

@jpl-jengelke jpl-jengelke changed the title Issue #73: Release of CT Starter Kit narrative. ... Issue #73: Release of CT Starter Kit Dependabot narrative. ... Jan 5, 2023
@jpl-jengelke jpl-jengelke requested review from a team and MJJoyce and removed request for jpl-btlunsfo and a team January 5, 2023 17:47
riverma
riverma reviewed Jan 10, 2023
View reviewed changes
Copy link
Collaborator

@riverma riverma left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @jpl-jengelke - I ran through this and worked great. I had a simplified rewrite to this proposed below. What do you think?

continuous-testing/starter-kits/README.md Show resolved Hide resolved
continuous-testing/starter-kits/README.md Outdated Show resolved Hide resolved
continuous-testing/starter-kits/README.md Show resolved Hide resolved
@jpl-jengelke jpl-jengelke requested review from a team and removed request for jl-0 and MJJoyce February 3, 2023 00:46
@jpl-jengelke jpl-jengelke merged commit 5f8f461 into main Feb 3, 2023
@jpl-jengelke jpl-jengelke mentioned this pull request Feb 3, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeffreypon jeffreypon jeffreypon left review comments

@sharimayer sharimayer sharimayer approved these changes

@jl-0 jl-0 jl-0 approved these changes

@riverma riverma riverma approved these changes

@galenatjpl galenatjpl Awaiting requested review from galenatjpl

@stirlingalgermissen stirlingalgermissen Awaiting requested review from stirlingalgermissen

Assignees

@jpl-jengelke jpl-jengelke

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@jpl-jengelke @riverma @jl-0 @jeffreypon @sharimayer