Yi Li
Yi Li
The manual updater was successfully ran in the updaters CI workflow. Not sure if it's enough for the testing. Please let me know.
Do you mind to share the link to the GCS bucket where contains the multi-bundle vulnerabilities?
> > Do you mind to share the link to the GCS bucket where contains the multi-bundle vulnerabilities? > > See "Testing Performed". There's a link to a completed GH...
@Nello-Angelo For "image cannot be scanned" Have you tried this command? `roxctl image scan --force --image=`
Not sure if this is the most graceful way of doing things. Please let me know your suggestions and I will address the e2e test in another PR.
> How did you test this? I can only run the diff-dump job to see if the offline bundle is generated. But I think since the commands `--fail `flag and...
Is the schedule of 3 months tied to the number of Claircore release cycles?
> I think we can rethink the logic to do a lot of this work in the first call to severityAndScores, even if that means updating the struct type or...
@dcaravel I didn't add severity to `VulnerabilityReport_Vulnerability` proto since we might need to update the original ADR. Please let me know if you feel strongly that this is necessary. I...
> LGTM - this PR satisfies the requirement. > > Realizing now that the standard JSON marshalling does not translate protobuf enums to human friendly strings (and realize your original...