You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I would imagine that scenario 1 does (I found a few closed issues to support this assumption), but I'm not sure if scenario 2 does. I'm assuming that if there's is a vulnerability that requires a code change that it would appear in the component detection step, but I wanted to double check.
do both scenarios occur in runs of the following pipelines?
No the second scenario is the goal (see #1150). This isn't feasible yet until the EOL Annotations feature lands as there is too much noise in the vulnerability reports.
The policy will be to ping a team on an issue over an individual.
Assigning individuals can get tricky if someone is OOF or non-responsive. In that instance, we'd have to track down the team they belong to and ping them anyways.
There is a need to identify the owner(s) of the build tools Dockerfiles. The owner will be contacted/assigned issues in the following scenarios:
Considerations:
Related to #972
The text was updated successfully, but these errors were encountered: