Skip to content

[Spike] Investigate a vulnerability report process #1463

Closed
@thepetk

Description

@thepetk

Which area this user story is related to?

/area api
/area library
/area registry
/area alizer
/area landing-page

Issue description

As part of our security policy, recommended by the CLO Monitor best practices, we could implement a define a vulnerability report process. This way we help the users of devfile org repos to report vulnerabilities found inside the org, following a secure way.

This issue focuses only in the investigation part.

Acceptance Criteria

  • Results of investigation have been shared

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/alizerEnhancement or issue related to the alizer repoarea/apiEnhancement or issue related to the api/devfile specificationarea/landing-pageIssues with the Landing Pagearea/libraryCommon devfile library for interacting with devfilesarea/registryDevfile registry for stacks and infrastructure

    Type

    No type

    Projects

    Status

    Done ✅

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions