Re-Enable Vulnerability 3p Scanning Workflow #42049
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…o vuln-scan-sarif
zanderso
approved these changes
May 16, 2023
There was a problem hiding this comment.
It looks like the print here:
Is not logging anything useful. It looks like the string error.output is always empty. That print should maybe log the command that failed, and it would be good to figure out why the stdout and stderr from the subprocess isn't being printed.
|
Merging this PR to get the scan running, but opened a bug to track the subprocess error output at b/282959127 |
sealesj
added
the
autosubmit
auto-submit
bot
removed
the
autosubmit
|
auto label is removed for flutter/engine, pr: 42049, due to - The status or check suite Mac mac_clang_tidy has failed. Please fix the issues identified (or deflake) before re-applying this label.
|
…nto vuln-scan-sarif
sealesj
added
the
autosubmit
engine-flutter-autoroll
added a commit
to engine-flutter-autoroll/flutter
that referenced
this pull request
May 17, 2023
auto-submit bot
pushed a commit
to flutter/flutter
that referenced
this pull request
May 17, 2023
…127041) flutter/engine@400a26a...47fd496 2023-05-17 [email protected] Re-Enable Vulnerability 3p Scanning Workflow (flutter/engine#42049) 2023-05-17 [email protected] Roll Skia from c3473c32bb35 to ffa425bacfc4 (14 revisions) (flutter/engine#42095) 2023-05-17 [email protected] [Impeller] Turned on wide gamut support by default. (#39801) (flutter/engine#41965) If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/flutter-engine-flutter-autoroll Please CC [email protected],[email protected] on the revert to ensure that a human is aware of the problem. To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose To report a problem with the AutoRoller itself, please file a bug: https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
CaseyHillers
pushed a commit
to CaseyHillers/flutter
that referenced
this pull request
May 24, 2023
…lutter#127041) flutter/engine@400a26a...47fd496 2023-05-17 [email protected] Re-Enable Vulnerability 3p Scanning Workflow (flutter/engine#42049) 2023-05-17 [email protected] Roll Skia from c3473c32bb35 to ffa425bacfc4 (14 revisions) (flutter/engine#42095) 2023-05-17 [email protected] [Impeller] Turned on wide gamut support by default. (flutter#39801) (flutter/engine#41965) If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/flutter-engine-flutter-autoroll Please CC [email protected],[email protected] on the revert to ensure that a human is aware of the problem. To file a bug in Flutter: https://github.com/flutter/flutter/issues/new/choose To report a problem with the AutoRoller itself, please file a bug: https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
After migrating to standalone yaml (rather than included as a part of the scorecards yaml), the vuln scanning workflow needs to be re-enabled with sarif results uploading to the dashboard under the security tab. A successful test run of this workflow can be seen at https://github.com/flutter/engine/actions/runs/4982210161 (in linked run, fails to upload SARIF file given lack of permissions on any branch besides default)
This change also adds use of cwd in python subprocess commands rather than using directory prefix in command string.
Addresses b/280294707
If you had to change anything in the flutter/tests repo, include a link to the migration guide as per the breaking change policy.
Pre-launch Checklist
///).If you need help, consider asking for advice on the #hackers-new channel on Discord.