minder icon indicating copy to clipboard operation
minder copied to clipboard
verified publisher icon stacklok

Split the PR actions of the vulncheck evaluator into a proper remediate action

Open jhrozek opened this issue 2 years ago • 2 comments

The vulncheck evaluator does two things - checks the vulnerabilities and then performs an action based on the vulnerabilities found, like suggesting PR changes or commenting with a summary. This was all coded before we had remediations, but now that we do have a proper remediations engine we should split the actions part of the evaluator into a proper remediate module to avoid turning the vulncheck into spaghetti (esp visible once we started adding Pi support in addition to vulnerabilities)

jhrozek avatar Oct 15 '23 20:10 jhrozek

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] avatar Nov 24 '23 01:11 github-actions[bot]

When addressing this, please take comments in https://github.com/stacklok/minder/pull/2171 into account

jhrozek avatar Mar 06 '24 20:03 jhrozek

Closing, will address as part of an upcoming epic.

mesembria avatar Nov 19 '24 14:11 mesembria