Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Done
Priority: Major - P3
Fix Version/s: 100.9.5
Affects Version/s: None
Component/s: None
Labels:
None

Story Points:
3
Sprint:
TAR 2024-05-27
Assigned Teams:

Tools and Replicator
Epic Link:
REP-3553
Days Spent:
2
Documentation Changes:
Not Needed

Problem

See the project design doc.

Solution & Acceptance Criteria

Add a minimal precious config to do linting.
- Add gosec as a linter to the precious config.
Address any issues it finds
Update our Evergreen config to run gosec as part of the release. If it reports any high or critical vulnerabilities this should cause the release to abort.

is depended on by

TOOLS-3536 Update release workflow to fail is gosec finds any high or critical vulnerabilities

Closed

TOOLS-3537 Create the SSDLC report template

Closed

TOOLS-3538 Update our release documentation with new SSDLC-related stuff

Closed

is duplicated by

TOOLS-3536 Update release workflow to fail is gosec finds any high or critical vulnerabilities

Closed

links to

Pull Request (mongodb/mongo-tools master)

Assignee:: Dave Rolsky

Reporter:: Dave Rolsky

Reviewers:: Craven Huynh, Evgeni Dobranov, Huan Li (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: May 07 2024 02:33:13 PM UTC

Updated:: May 30 2024 05:55:00 AM UTC

Resolved:: May 30 2024 05:55:00 AM UTC