Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable automatic OSS-Fuzz -> OSV import for BoringSSL #2178

Closed
davidben opened this issue May 8, 2024 · 0 comments · Fixed by #2201
Closed

Disable automatic OSS-Fuzz -> OSV import for BoringSSL #2178

davidben opened this issue May 8, 2024 · 0 comments · Fixed by #2201

Comments

@davidben
Copy link

davidben commented May 8, 2024
edited
Loading

In principle, this import is great and we'd love to have it. However, until the following issues are resolved, the tradeoffs are not viable. I would much much rather we lose the OSV import than lose the fuzzers, so please disable the import.
oliverchang added a commit that referenced this issue May 12, 2024
@oliverchang
Disable boringssl OSS-Fuzz -> OSV import
dae8f00 
Fixes #2178. 

BoringSSL maintainers would like more control / vetting of entries. Disable the import for now until we have a better system in place to enable that.
@oliverchang oliverchang mentioned this issue May 12, 2024
Merged
oliverchang added a commit that referenced this issue May 13, 2024
@oliverchang
Disable boringssl OSS-Fuzz -> OSV import (#2201)
d9747d4 
Fixes #2178. 

BoringSSL maintainers would like more control / vetting of entries.
Disable the import for now until we have a better system in place to
enable that.
evverx added a commit to evverx/osv.dev that referenced this issue May 17, 2024
@evverx
update the OSS-Fuzz blocklist
15f323b 
It's a follow-up to google#2201. The
comments point to google#2178 because
the reason is the same.
@evverx evverx mentioned this issue May 17, 2024
Merged
evverx added a commit to evverx/osv.dev that referenced this issue Sep 18, 2024
@evverx
update the OSS-Fuzz denylist
57e1c76 
It's a follow-up to google#2201. The
comments point to google#2178 because
the reason is the same.
evverx added a commit to evverx/osv.dev that referenced this issue Sep 20, 2024
@evverx
fix: update the OSS-Fuzz denylist
ac9c814 
It's a follow-up to google#2201. The
comments point to google#2178 because
the reason is the same.
oliverchang pushed a commit that referenced this issue Sep 23, 2024
@evverx
fix: update the OSS-Fuzz denylist (#2222)
4eadc85 
It's a follow-up to #2201. The
comments point to #2178 because
the reason is the same.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Disable boringssl OSS-Fuzz -> OSV import google/osv.dev
1 participant
@davidben