
New check idea: find CVEs against the current version of the build platform

Open: nathanwn opened this issue 2 years ago • 1 comment

New check idea: Macaron can look for CVEs against the build platform/CI service version that builds an artifact. The idea of this new check was originally motivated by this security update from GitLab: https://about.gitlab.com/releases/2023/09/18/security-release-gitlab-16-3-4-released/.

nathanwn, Sep 20 '23 00:09

Thanks! That would be a helpful check.

behnazh-w, Sep 20 '23 00:09
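
A sketch of the check proposed in this issue, added here as an illustration and not taken from Macaron's code base: given the build platform name and version recorded for an artifact, match them against advisory version ranges. The `Advisory` type, the `check_build_platform` function, the advisory ids and the `example-ci` platform are all hypothetical; the only value from the issue is the 16.3.4 fixed version in the linked GitLab release.

```python
# Added illustration, not Macaron code. The advisory feed below is constructed.
from dataclasses import dataclass


def parse_version(text):
    """Parse '16.3.4', 'v16.3.4' or '16.3.4-ee' into a 3-part integer tuple."""
    core = text.strip().lstrip("v").split("-", 1)[0].split("+", 1)[0]
    parts = tuple(int(p) for p in core.split("."))
    # Pad so that '16.3' compares equal to '16.3.0' instead of sorting below it.
    return parts + (0,) * (3 - len(parts))


@dataclass(frozen=True)
class Advisory:
    ident: str       # placeholder id, not a real CVE number
    platform: str    # build platform / CI service name, lower case
    introduced: str  # first affected version (inclusive)
    fixed: str       # first patched version (exclusive)


# Constructed feed; a real check would load this from a vulnerability database.
ADVISORIES = [
    Advisory("CVE-PLACEHOLDER-0001", "gitlab", "16.3.0", "16.3.4"),
    Advisory("CVE-PLACEHOLDER-0002", "gitlab", "15.0.0", "15.11.2"),
    Advisory("CVE-PLACEHOLDER-0003", "example-ci", "2.0.0", "2.4.1"),
]


def check_build_platform(platform, version, advisories=ADVISORIES):
    """Return (passed, advisory ids) for the platform version that built an artifact."""
    try:
        built_with = parse_version(version)
    except (ValueError, AttributeError):
        # Missing or unparseable version: fail closed so the build gets reviewed.
        return False, ["unparseable-version"]
    hits = [
        adv.ident
        for adv in advisories
        if adv.platform == platform.lower()
        and parse_version(adv.introduced) <= built_with < parse_version(adv.fixed)
    ]
    return (not hits), hits


if __name__ == "__main__":
    for name, ver in [("GitLab", "16.3.3-ee"), ("gitlab", "16.3.4"), ("gitlab", "latest")]:
        print(name, ver, check_build_platform(name, ver))
```

The version must come from a source the build platform itself attests to (for example provenance metadata); a version string supplied by the build script would let a compromised build report a patched platform.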