-
Jamie Tanna authored
As noted in #189, there's no way right now to avoid leaking internal package names to the public Internet when generating advisories or missing data. Right now, the solution is to just deal with it, which isn't ideal. Instead, we can add this as a first-class citizen with a new table, and the ability to ignore these packages when performing lookups. This requires we tweak our existing queries to now left join (in case there's no match) the `sensitive_packages` table and filter out/in packages as appropriate. Closes #189.
Jamie Tanna authoredAs noted in #189, there's no way right now to avoid leaking internal package names to the public Internet when generating advisories or missing data. Right now, the solution is to just deal with it, which isn't ideal. Instead, we can add this as a first-class citizen with a new table, and the ability to ignore these packages when performing lookups. This requires we tweak our existing queries to now left join (in case there's no match) the `sensitive_packages` table and filter out/in packages as appropriate. Closes #189.
Code owners
Assign users and groups as approvers for specific file changes. Learn more.