Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ITSEC-2280] Add Dependency Review and SBOM signing jobs, update CODEOWNERS #246

Merged
merged 2 commits into from
Oct 11, 2024

Conversation

immutable-art
Copy link
Contributor

@immutable-art immutable-art commented Oct 10, 2024

  1. Adds SBOM artifact signing job as we publish to NPM.
  2. Adds Dependency Review job that fails on Critical severity findings (Node/JavaScript)
  3. Adds Product Security to CODEOWNERS under .github along with the current maintainers (for visibility to job changes)

@immutable-art immutable-art changed the title [ITSEC-2280] Add Dependency Review and SBOM signing jobs [ITSEC-2280] Add Dependency Review and SBOM signing jobs, update CODEOWNERS Oct 10, 2024
@immutable-art immutable-art enabled auto-merge (squash) October 10, 2024 23:36
@immutable-art immutable-art requested review from a team October 11, 2024 03:25
@immutable-art immutable-art merged commit 7d73695 into main Oct 11, 2024
7 of 8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

3 participants