
AP-628: mitigate trivy-action compromise [gha] #18

Merged: anarchivist merged 1 commit into main from AP-628 on Mar 24, 2026

@anarchivist
Member

No description provided.

Member

@awilfox awilfox left a comment


I'm fine with this for a temporary emergency fix if we need to discuss this further, but this is the only repo we even have this scan on, and I'm not sure if we've ever used the output. Considering this isn't the first time this Action has been compromised, it might be better to purge it entirely.

@danschmidt5189
Member

danschmidt5189 commented Mar 24, 2026

I approved it as-is but agree with @awilfox — since we're not yet making use of the information we are better off ripping this out IMO. We can reintroduce it once we have a procedure around actually using the results.

@anarchivist
Member Author

@danschmidt5189 @awilfox: duly noted; will revise PR to remove this step.

@anarchivist anarchivist merged commit a8e3f9a into main Mar 24, 2026
5 checks passed
@anarchivist anarchivist deleted the AP-628 branch March 24, 2026 23:35