Denis Loginov comments

Results 152 comments of


                                            Denis Loginov

Filter vulnerabilities by Type (yarn, composer etc.)

/remove-lifecycle stale

Avoid noise from patterns with SHA: prefix in the Old GitHub detector

Interesting, I see. Do you have any suggestions on what could work here?

Codacy detector should be more specific and should not use /version endpoint for token verification

Thanks! Would it be possible to make this detector more specific also?

Rootless mode doesn't work on Google Container-Optimized OS kernel (CONFIG_SECURITY_CHROMIUMOS_NO_UNPRIVILEGED_UNSAFE_MOUNTS?)

Any updates on this?

List and delete deployments

As a workaround, would it be possible to reuse the files whose filename and contents haven't changed (according to some hash)? E.g. if Webpack generates chunks with stable hashes (e.g....

[New setting] Check for updates automatically (on/off)

Not sure if this is the right thread to ask, but is there a setting to _enable_ automatic updates? I'm only seeing the one for automatic downloads, but I wish...

`helm package` should produce bitwise-deterministic tar files

FWIW the example from [reproducible builds](https://github.com/helm/helm/issues/3612#issuecomment-947237805) worked well for me, but that obviously requires custom scripting, which is not ideal.

Custom response headers support?

Any updates on this one? This would be essential not only for HSTS, but for other "classic" security headers like `X-Frame-Options`, `X-XSS-Protection`, `X-Content-Type-Options`, `Content-Security-Policy` and `Referrer-Policy`.

Custom response headers support?

Any timeline on when this will land to GKE?

Support for URL redirects

@spencerhance thanks - Google Support shared this public issue filed for it: https://issuetracker.google.com/212418577