add socket tier 1 reachability analysis#2108
Conversation
Preview is available here:
jeesunikim left a comment
Can we pin the exact socket version? npm install -g socket@<version> in case the socket npm package gets compromised. nit: Lab uses pnpm, @kanwalpreetd
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: db5e380ac6
| # annotation that GitHub Actions renders as a yellow run-level | ||
| # warning without failing the job. | ||
| set +e | ||
| socket scan create --reach \ |
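Review bot: set +e here switches off abort-on-error for the rest of the step, not only for the socket scan create --reach command that follows, so a later failing command in the same step would also be swallowed silently rather than surfacing as the intended yellow run-level warning. Capture the scan's exit status right after the command (rc=$?) and restore set -e before emitting the warning annotation, or run the scan as "socket scan create --reach ... || rc=$?" so the shell's error mode never has to change.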
Pass repo and branch to Socket
Per the socket scan create help in Socket's docs, --repo and --branch default to socket-default-repository and socket-default-branch; I also checked this commit has no socket.json to override those defaults. When this scheduled/manual workflow runs, its scans will be filed under Socket's default repo/branch rather than this repository's actual repo/branch, so the dashboard/head scan for laboratory will not be updated. Please pass the repo and branch (or add socket.json) when invoking the scan.
More info: https://stellarorg.atlassian.net/wiki/spaces/SCRT/pages/5689311233/Socket+Tier+1+Reachability+Analysis