Pushkar Joglekar
Pushkar Joglekar
:sparkles: Kubernetes v1.25 is live :sparkles: What that means is that the official CVE feed (feature state: alpha) built as part of KEP-3203 is live too. You can find it...
Thanks @angusm43ge that is good point. It is going to take some work to have meaningful automation to detect affected versions, but we will mark it as a future feature...
@kevincox thanks for making me aware that a validator for JSON feed spec exists - I was not aware of this. We will consider in future, making the feed support...
/remove-lifecycle rotten /cc @ritazh
/hold for https://github.com/kubernetes/test-infra/pull/27309
Yes the PR blocking it is merged. So you can work on this if you'd like
@puerco has there been any progress on this? I am leading a new sub-group [sig-security-tooling](https://kubernetes.slack.com/archives/C01CUSVMHPY) and would like to give this more visibility in our upcoming meeting so we can...
@craigbox as part of this task: > TAG provides insight/recommendation of the project in the context of the landscape Can you please submit a "Presentation" Issue in https://github.com/cncf/tag-security so we...
Raising my hand ✋🏼 from TAG Security. Will eventually hand it off to one of our terrific tech leads
@zpavlinovic Suggestion on product fields: - It might make sense to default it to module name in go.mod file e.g. https://github.com/kubernetes/kubernetes/blob/master/go.mod#L7 - It would also be super-useful to allow users...