Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Open a GitHub issue for a security record #138

Open
3 tasks
fricklerhandwerk opened this issue Dec 15, 2023 · 0 comments
Open
3 tasks

Open a GitHub issue for a security record #138

fricklerhandwerk opened this issue Dec 15, 2023 · 0 comments
Assignees
@alejandrosame @erictapen
Labels
automation user story description or implementation of a workflow
Milestone
3 Security team demo

Comments

@fricklerhandwerk
Copy link
Collaborator

fricklerhandwerk commented Dec 15, 2023
edited
Loading

As a security team member, I want to publish a triaged security issue to GitHub so it can be collaborated on. Doing this should:

Note

For now, escape maintainer names in backticks so we don't actually ping people yet

  • Post data from the tracker into the GitHub issue description

    • Title: CVE title
    • Body: CVE Description, CVE ID with link, CVSS as details
    • Package names with descriptions
      • channels in details, with source links

  • Ping or assign maintainers of affected packages in the issue

  • Add GitHub issue labels based on the tracker data

Depends on:

Implementation notes:

  • We should eventually be able to overwrite the issue body from the tracker, but only if it hasn't change since our last write (maintainers may have edited the issue text and we don't want to lose that data)
@fricklerhandwerk fricklerhandwerk mentioned this issue Dec 15, 2023
Closed
5 tasks
@fricklerhandwerk fricklerhandwerk changed the title list all relevant PRs and issues in nixpkgs. Handle related GitHub issues Dec 15, 2023
@fricklerhandwerk fricklerhandwerk mentioned this issue Sep 18, 2024
Closed
@fricklerhandwerk fricklerhandwerk changed the title Handle related GitHub issues Link related GitHub issues and pull requests Sep 18, 2024
@fricklerhandwerk fricklerhandwerk mentioned this issue Sep 18, 2024
Closed
9 tasks
@fricklerhandwerk fricklerhandwerk mentioned this issue Sep 23, 2024
Closed
@fricklerhandwerk fricklerhandwerk changed the title Link related GitHub issues and pull requests Open a GitHub issue for a security record Sep 26, 2024
@fricklerhandwerk fricklerhandwerk mentioned this issue Sep 26, 2024
Closed
@fricklerhandwerk fricklerhandwerk added the user story description or implementation of a workflow label Sep 26, 2024
@fricklerhandwerk fricklerhandwerk mentioned this issue Sep 26, 2024
Open
@fricklerhandwerk fricklerhandwerk added this to the Draft record editing milestone Sep 26, 2024
@fricklerhandwerk fricklerhandwerk moved this to Needs refinement in Nixpkgs Security Scanner Nov 28, 2024
@fricklerhandwerk fricklerhandwerk self-assigned this Nov 29, 2024
@alejandrosame alejandrosame mentioned this issue Dec 11, 2024
Merged
@erictapen erictapen mentioned this issue Dec 13, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alejandrosame alejandrosame

@erictapen erictapen

Labels
automation user story description or implementation of a workflow
Projects
Nixpkgs Security Scanner
Status: Needs refinement
Milestone
3 Security team demo
Development

No branches or pull requests
3 participants
@alejandrosame @fricklerhandwerk @erictapen