cla-bot
cla-bot copied to clipboard
finos
cla-bot is a GitHub bot for automation of Contributor Licence Agreements (CLAs).
## CVE-2021-3918 - High Severity Vulnerability Vulnerable Library - json-schema-0.2.3.tgz JSON Schema validation and specifications Library home page: https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz Path to dependency file: /package.json Path to vulnerable library: /node_modules/json-schema/package.json Dependency...
![mend-for-github-com[bot] avatar](https://avatars.githubusercontent.com/in/30796?v=4 "mend-for-github-com[bot] avatar"){kind=avatar}
## CVE-2021-23369 - High Severity Vulnerability Vulnerable Library - handlebars-4.4.2.tgz Handlebars provides the power necessary to let you build semantic templates effectively with no frustration Library home page: https://registry.npmjs.org/handlebars/-/handlebars-4.4.2.tgz Path...
## CVE-2019-20922 - High Severity Vulnerability Vulnerable Library - handlebars-4.4.2.tgz Handlebars provides the power necessary to let you build semantic templates effectively with no frustration Library home page: https://registry.npmjs.org/handlebars/-/handlebars-4.4.2.tgz Path...
According to https://colineberhardt.github.io/cla-bot/#configuration-options > With each invocation, the checkContributor querystring parameter is used to supply the committer username. The webhook should return a JSON response that indicates whether the committer...
Is it possible to configure cla-bot to prompt a user to sign the CLA when they first open a new issue or first comment on an existing one? (Background: we're...
TBD - see https://finosfoundation.atlassian.net/wiki/spaces/FINOS/pages/75530376/Activation
## Reinstate linting in package.json when PR 166 and Issue 164 are resolved Due to differences in linting behaviour on local machines vs TravisCI, linting will be disabled when PR...
FINOS teams are reporting the submission of CLAs prior to the acceptance and merge of contributor pull requests is impacting team velocity. FINOS ODP Story : https://finosfoundation.atlassian.net/browse/ODP-111 This issue proposes...
It would be quite useful if we could whitelist an org. Each commit author would be verified to see if they are a member of a given GitHub org.
It would be great if cla-bot supported configuring what type and/or locations of files to monitor for changes. E.g. if you can specify `*.md` or `/docs/**/*` to exclude particular files...
