Secure group issues requiring attention
Heat map for bugs:
| | ~S1 | ~S2 | ~S3 | ~S4 |
|---|---|---|---|---|
| ~P1 | 4 | 3 | 0 | 0 |
| ~P2 | 1 | 4 | 7 | 0 |
| ~P3 | 0 | 0 | 9 | 0 |
| ~P4 | 0 | 0 | 0 | 18 |
Hi @kencjohnston,
Here is a list of feature proposals without a milestone.
We would like to ask you to determine whether this issue should be scheduled or closed. For each issue please:
- Close the issue out if it is no longer relevant or a duplicate.
- Assign either a versioned milestone, the %Backlog or the %Awaiting further demand milestone.
For the issues triaged please check off the box in front of the given issue.
Please work with your team to complete the list this week.
- #12394 (closed) Add yarn audit wrapper to Dependency Scanning ~"Secure", ~"Secure::Software Composition Analysis", ~"dependency scanning", devopssecure, feature, ~"group::software composition analysis"
- #12390 (closed) Support package manager sbt in dependency scanning ~"Secure", ~"Secure::Software Composition Analysis", ~"dependency scanning", devopssecure, feature, ~"group::software composition analysis"
- #12319 (closed) Synchronize gemnasium-db with CVE Details ~"Secure", ~"Secure::Software Composition Analysis", ~"dependency scanning", devopssecure, feature, ~"group::software composition analysis"
- #12318 (closed) Synchronize gemnasium-db with Victims CVE DB ~"Secure", ~"Secure::Software Composition Analysis", ~"dependency scanning", devopssecure, feature, ~"group::software composition analysis"
- #12317 (closed) Synchronize gemnasium-db with PHP Security Advisories DB ~"Secure", ~"Secure::Software Composition Analysis", ~"dependency scanning", devopssecure, feature, ~"group::software composition analysis"
- #12316 (closed) Synchronize gemnasium-db with NVD ~"Secure", ~"Secure::Software Composition Analysis", ~"dependency scanning", devopssecure, feature, ~"group::software composition analysis"
- #12315 (closed) Synchronize gemnasium-db with oss-security mailing list ~"Secure", ~"Secure::Software Composition Analysis", ~"dependency scanning", devopssecure, feature, ~"group::software composition analysis"
- #12253 (closed) Enable automatic retries in Secure test projects ~"Secure", devopssecure, feature
- #12190 (closed) Show warning when the Dependency List is not up-to-date ~"Secure", ~"Secure::Software Composition Analysis", UX, backend, ~"dependency scanning", devopssecure, feature, frontend, ~"group::software composition analysis"
- #12140 (closed) Add Access Token auth to Gemnasium API ~"Secure", ~"Secure::Software Composition Analysis", ~"dependency scanning", devopssecure, feature, ~"group::software composition analysis"
- #12087 Dependency List: Show when a component is out of date ~"Secure", ~"Secure::Software Composition Analysis", dependency list, ~"dependency scanning", devopssecure, feature
- #12012 (closed) Pipfile.lock support for License Management ~"Secure", ~"Secure::Software Composition Analysis", devopssecure, feature, ~"license management"
- #11947 (closed) Add Trivy as an option for Container Scanning ~"Secure", ~"Secure::Software Composition Analysis", ~"auto devops", feature
- #11849 (closed) Preview, check advisory in Gemnasium without being an admin ~"Secure", ~"Secure::Software Composition Analysis", ~"dependency scanning", devopssecure, feature
- #11166 (closed) Add support for MAVEN_CLI_OPTS for dependency scanning ~"Accepting merge requests", ~"Secure", ~"Secure::Software Composition Analysis", customer, ~"dependency scanning", devopssecure, feature
This is a group level triage package that aims to collate the latest bug reports (for frontend and otherwise) and feature proposals. For more information please refer to the handbook:
Edited by Nicole Schwartz