
Software Supply Chain Security Platform

Results 275 minder issues

There are places in Minder where errors are logged, but lack the context to debug the issue (e.g. which project/profile/entity/etc. does the error relate to). Outcomes: 1) Review existing log...

### Describe the issue When running `minder profile status list --detailed` the evaluation status should be grouped by the rule ID. In the past it was grouped like that, but...

bug
P1

As discussed in https://github.com/stacklok/minder/pull/1806#discussion_r1415544292, when a CVE exists, but no fixed version exists, we should not mark the PR as changes requested (at least not by default)

bug
priority: medium
P2

The `TestNatsChannel` test is inconsistently failing. Failure example: https://github.com/stacklok/minder/actions/runs/10610301617/job/29407533319 Success example: https://github.com/stacklok/minder/actions/runs/10610294403/job/29407511948 Failure reason: ``` make: *** [.mk/test.mk:32: test-silent] Error 1 natschannel_test.go:96: Got {"msg":"hello"} from out1 natschannel_test.go:101: timeout waiting for...

P1

With all the necessary information within the `entity_instances` table, we can now dispose of the per-entity tables and rely solely on the central one.

Don was poking around and discovered that some Git repos may be 900MB just to shallow clone (think: they check in a copy of the JVM). This isn't a reasonable...

P2

### Describe the issue Running repo register exceeds the context deadline when trying to register a repository from an enrolled org with ~200 repos. ### To Reproduce 1. Enroll an...

bug
P2

If you're on a top level node, you should be able to see the status of all profiles in the hierarchy.

P2

### Please describe the enhancement Rule instances are currently stored as a list of JSON objects which makes querying challenging. Migrate rules over to a dedicated table structure. ### Solution...

P2

When minder inspects a PR with trusty it will provide no feedback when no bad dependencies are found. We should leverage the checks API to provide visual feedback about the...

P2