Skip to content
This repository has been archived by the owner on Mar 21, 2024. It is now read-only.

Add workflow for security governance for packages #755

Open
peterhessey opened this issue Jun 29, 2022 · 0 comments
Open

Add workflow for security governance for packages #755

peterhessey opened this issue Jun 29, 2022 · 0 comments
Assignees
Labels
improvements Improve performance of InnerEye

Comments

@peterhessey
Copy link
Contributor

peterhessey commented Jun 29, 2022

🚀 Feature
A GitHub workflow that regularly runs to check for security issues with any packages existing in environment.yml. It should run regularly (e.g. weekly) as well as on any new PRs. It should fail if any critical packages are found. Dependabot may provide some or all of the necessary functionality here.

Motivation

A similar suite of checks in the private MSR repo for IE-DL (which uses this repo as a submodule) are failing due to security concerns around packages used in this env.

AB#6364

@peterhessey peterhessey self-assigned this Jun 29, 2022
@peterhessey peterhessey added the improvements Improve performance of InnerEye label Jun 29, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
improvements Improve performance of InnerEye
Projects
Status: No status
Development

No branches or pull requests

1 participant