It is clear that we want some pull request automation, both to assist contributors to write a correct
and useful advisory, and to assist the SRT by automating some things. It seems like a webhook "github app"
is the best approach. It will need a token with write access to the repo and we'll need to host it somewhere.
Here are some ideas about what it could do:
- if CVSS and CWE are not set, write a comment pointing to helpful resources
- when CVSS and CWE are set, write a comment explaining their values
- recognise commands to update the PR:
  - if "Allow edits and access to secrets by maintainers" is set for the PR, the app should be able to push (and force-push) to the head branch of the PR, even in forks
  - recognise the `/cwe`, `/cvss`, `/keywords` commands to update those fields
- when the PR is approved by the SRT, automatically assign an HSEC id, and update the head branch (rename the file and update the TOML `id` field)
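The slash-command and HSEC-id items above imply a bot that reads PR comments and writes to the repository with a privileged token, so the comment body has to be treated as untrusted input: commands should only be honoured from an allow-listed author, and every value must be validated before it is written into the advisory. The following is an added example of that handling; it is not code from the original issue or from the project. It assumes the allow-list name `TRUSTED_COMMENTERS`, the constructed sample comment and advisory text, an `HSEC-YYYY-NNNN` id format with advisories stored as `<id>.md`, and `cwe`/`cvss`/`keywords` as TOML keys in an `[advisory]` table.

```python
"""Slash-command handling for an advisory PR bot (illustrative example, not the project's code)."""
import re

# Assumption: only these accounts (e.g. SRT members) may drive the bot. Anyone can
# comment on a PR, so honouring commands from arbitrary authors would let any
# commenter rewrite advisory metadata through the bot's write token.
TRUSTED_COMMENTERS = {"srt-alice", "srt-bob"}  # constructed names

CWE_RE = re.compile(r"^CWE-(\d{1,5})$")
# CVSS v3.1 base vector: all eight base metrics, fixed order, restricted values.
CVSS31_RE = re.compile(
    r"^CVSS:3\.1/AV:[NALP]/AC:[LH]/PR:[NLH]/UI:[NR]/S:[UC]/C:[NLH]/I:[NLH]/A:[NLH]$"
)
KEYWORD_RE = re.compile(r"^[a-z0-9][a-z0-9._-]{0,39}$")


class CommandError(ValueError):
    """Raised when a command is malformed or the author is not allowed to issue it."""


def parse_commands(comment_body, author):
    """Return {field: value} for the slash commands in a PR comment.

    The whole comment is rejected if the author is untrusted or any command is
    malformed, so a half-applied update is never pushed to the PR branch.
    """
    if author not in TRUSTED_COMMENTERS:
        raise CommandError(f"{author!r} is not allowed to issue bot commands")
    updates = {}
    for raw in comment_body.splitlines():
        line = raw.strip()
        if not line.startswith("/"):
            continue
        cmd, _, arg = line.partition(" ")
        arg = arg.strip()
        if cmd == "/cwe":
            ids = []
            for tok in re.split(r"[,\s]+", arg):
                m = CWE_RE.match(tok)
                if not m:
                    raise CommandError(f"bad CWE identifier: {tok!r}")
                ids.append(int(m.group(1)))
            updates["cwe"] = ids
        elif cmd == "/cvss":
            if not CVSS31_RE.match(arg):
                raise CommandError(f"bad CVSS 3.1 vector: {arg!r}")
            updates["cvss"] = arg
        elif cmd == "/keywords":
            words = [w.strip() for w in arg.split(",") if w.strip()]
            if not words or not all(KEYWORD_RE.match(w) for w in words):
                raise CommandError(f"bad keyword list: {arg!r}")
            updates["keywords"] = words
        # Unknown slash commands are ignored rather than guessed at.
    return updates


def toml_value(value):
    """Serialise a str, int or list of those as a TOML literal (escaping strings)."""
    if isinstance(value, str):
        return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'
    if isinstance(value, list):
        return "[" + ", ".join(toml_value(v) for v in value) + "]"
    return str(value)


def apply_updates(advisory_toml, updates):
    """Rewrite `key = value` lines in the [advisory] table; add missing keys after `id`."""
    lines = advisory_toml.splitlines()
    seen = set()
    for i, line in enumerate(lines):
        m = re.match(r"^(\w+)\s*=", line)
        if m and m.group(1) in updates:
            lines[i] = f"{m.group(1)} = {toml_value(updates[m.group(1)])}"
            seen.add(m.group(1))
    id_idx = next((i for i, l in enumerate(lines) if re.match(r"^id\s*=", l)), None)
    if id_idx is None:
        raise CommandError("advisory has no id field")
    for key in updates:
        if key not in seen:
            id_idx += 1
            lines.insert(id_idx, f"{key} = {toml_value(updates[key])}")
    return "\n".join(lines) + "\n"


def next_hsec_id(existing_ids, year):
    """Assumption: ids are HSEC-YYYY-NNNN; pick the next unused sequence number for the year."""
    seqs = [int(m.group(1)) for i in existing_ids
            if (m := re.match(rf"^HSEC-{year}-(\d{{4}})$", i))]
    return f"HSEC-{year}-{max(seqs, default=0) + 1:04d}"


def assign_id(advisory_toml, new_id):
    """On approval: set the id field and return the file name to rename to (assumed <id>.md)."""
    return apply_updates(advisory_toml, {"id": new_id}), f"{new_id}.md"


# Constructed sample inputs, not taken from any real PR.
SAMPLE_COMMENT = """Reviewed, setting the metadata:
/cwe CWE-79
/cvss CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
/keywords xss, html
"""
SAMPLE_ADVISORY = """[advisory]
id = "HSEC-0000-0000"
cwe = []
keywords = []
"""

if __name__ == "__main__":
    updated = apply_updates(SAMPLE_ADVISORY, parse_commands(SAMPLE_COMMENT, "srt-alice"))
    text, path = assign_id(updated, next_hsec_id(["HSEC-2023-0001"], 2023))
    print(path)
    print(text)
```

The author check belongs on the webhook event's sender, not on anything inside the comment body, and the regexes are deliberately strict so that a comment cannot smuggle extra TOML (quotes, newlines, new keys) into the file the bot then pushes with its write token.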