Skip to content
This repository has been archived by the owner on Mar 21, 2024. It is now read-only.

Add workflow for security governance for packages #755

Open
peterhessey opened this issue Jun 29, 2022 · 0 comments
Open

Add workflow for security governance for packages #755

peterhessey opened this issue Jun 29, 2022 · 0 comments
Assignees
@peterhessey
Labels
improvements Improve performance of InnerEye

Comments

@peterhessey
Copy link
Contributor

peterhessey commented Jun 29, 2022
edited by azure-boards bot

馃殌 Feature
A GitHub workflow that regularly runs to check for security issues with any packages existing in environment.yml. It should run regularly (e.g. weekly) as well as on any new PRs. It should fail if any critical packages are found. Dependabot may provide some or all of the necessary functionality here.

Motivation

A similar suite of checks in the private MSR repo for IE-DL (which uses this repo as a submodule) are failing due to security concerns around packages used in this env.

AB#6364
@peterhessey peterhessey self-assigned this Jun 29, 2022
@peterhessey peterhessey added the improvements Improve performance of InnerEye label Jun 29, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@peterhessey peterhessey

Labels
improvements Improve performance of InnerEye
Projects
InnerEye-OSS
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@peterhessey