lunasec icon indicating copy to clipboard operation
lunasec copied to clipboard
verified publisher icon lunasec-io

receive update PRs automatically to fix vulnerabilities in direct dependencies

Open freeqaz opened this issue 3 years ago • 1 comments

By default, we will create a policy for PR generation that only creates PRs to fix vulnerabilities with a significant impact. Aka, Log4Shell.

This is tied to the CWE, CVSS, and EPSS work we're been doing.

freeqaz avatar Dec 08 '22 03:12 freeqaz

Depends on #1036

breadchris avatar Dec 08 '22 03:12 breadchris