CI: Add vulnerability checking #6112


Merged
merged 4 commits into from
May 9, 2025

Conversation

SMoraisAnsys
Collaborator

@SMoraisAnsys SMoraisAnsys commented May 6, 2025

Description

After multiple PRs, the repo is in a state where it is compatible with our vulnerability action. For information on how to handle the various situations involved (vulnerability sources, discovery, tracking, remediation, etc.), have a look at our dev guide documentation.

Warning

We can configure Bandit to ignore specific advisories (for example, using # nosec). This can be due to the code not being ready yet to be fixed or that the advisory is not relevant to the codebase. However, it is important to note that ignoring advisories should be done with caution, and we should be aware of the potential risks involved. Also, we should document the reasons for ignoring advisories and ensure that they are regularly reviewed to determine if they can be addressed. This is already a WIP, see https://aedt.docs.pyansys.com/version/stable/User_guide/security_consideration.html

Issue linked

Related to #5524 #5504

Checklist

  • I have tested my changes locally.
  • I have added necessary documentation or updated existing documentation.
  • I have followed the coding style guidelines of this project.
  • I have added appropriate tests (unit, integration, system).
  • I have reviewed my changes before submitting this pull request.
  • I have linked the issue or issues that are solved by the PR if any.
  • I have agreed with the Contributor License Agreement (CLA).
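The warning above asks that every Bandit suppression be documented and periodically reviewed. The following script is an added example (not part of this PR or the PyAEDT repository) that audits Python source for `# nosec` markers; it assumes a project convention in which each suppression names a Bandit test ID (such as B603) and is preceded by a `# security:` comment giving the reason.

```python
"""Audit Bandit '# nosec' suppressions for a test ID and a documented reason.

Added example, not part of this PR. Assumed convention: every '# nosec'
lists at least one Bandit test ID (e.g. B404) and the line directly above
it is a comment starting with '# security:' explaining why the finding is
accepted. Line-based heuristic: it does not parse Python, so a '# nosec'
inside a string literal would also be inspected.
"""
import re

# Matches '# nosec', '# nosec B404' and '# nosec: B404,B603' (Bandit accepts both forms).
NOSEC_RE = re.compile(r"#\s*nosec\b:?\s*(?P<ids>(?:B\d{3}\s*,?\s*)*)")
# Justification comment expected on the line directly above the suppression.
REASON_RE = re.compile(r"^\s*#\s*security:\s*\S")


def audit_nosec(source: str) -> list[dict]:
    """Return one finding per '# nosec' that lacks test IDs or a reason."""
    findings = []
    lines = source.splitlines()
    for lineno, line in enumerate(lines, start=1):
        match = NOSEC_RE.search(line)
        if match is None:
            continue
        ids = [i for i in re.split(r"[,\s]+", match.group("ids")) if i]
        previous = lines[lineno - 2] if lineno >= 2 else ""
        problems = []
        if not ids:
            problems.append("blanket '# nosec' without a Bandit test ID")
        if not REASON_RE.match(previous):
            problems.append("no '# security:' justification on the previous line")
        if problems:
            findings.append({"line": lineno, "ids": ids, "problems": problems})
    return findings


# Constructed sample: one compliant suppression (line 3) and two non-compliant ones.
SAMPLE = """\
import subprocess  # nosec
# security: fixed binary path, no user input reaches argv (reviewed 2025-05)
subprocess.run(["/usr/bin/true"])  # nosec B603
subprocess.run(["/usr/bin/true"])  # nosec: B603
"""

if __name__ == "__main__":
    for finding in audit_nosec(SAMPLE):
        print(f"line {finding['line']}: {'; '.join(finding['problems'])}")
```

Running it on the constructed sample reports line 1 (blanket suppression, no reason) and line 4 (no reason), while line 3 passes.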

@ansys-reviewer-bot
Contributor

Thanks for opening a Pull Request. If you want to perform a review write a comment saying:

@ansys-reviewer-bot review

@SMoraisAnsys SMoraisAnsys self-assigned this May 6, 2025
@github-actions github-actions bot added the maintenance Package and maintenance related label May 6, 2025

codecov bot commented May 6, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 85.73%. Comparing base (efb53ed) to head (4be671e).
Report is 13 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #6112      +/-   ##
==========================================
+ Coverage   85.66%   85.73%   +0.07%     
==========================================
  Files         166      167       +1     
  Lines       62786    63348     +562     
==========================================
+ Hits        53783    54312     +529     
- Misses       9003     9036      +33     

Collaborator

@MaxJPRey MaxJPRey left a comment


LGTM.

@SMoraisAnsys SMoraisAnsys merged commit 105e6d6 into main May 9, 2025
32 checks passed
@SMoraisAnsys SMoraisAnsys deleted the ci/add-vulnerability-checking branch May 9, 2025 09:24