enterprise-contract/ec-policies issues and pull requests

#1144 - Mention module purls in rpm repo id check

Pull Request - State: open - Opened by simonbaird 12 days ago - 1 comment

#1143 - Allow subpaths to be excluded in disallowed pkgs

Pull Request - State: open - Opened by lcarva 12 days ago - 2 comments

#1142 - Use PURL's subpath when matching disallowed pkgs

Pull Request - State: closed - Opened by lcarva 13 days ago - 4 comments

#1141 - VS Code things

Pull Request - State: closed - Opened by lcarva 13 days ago - 1 comment

#1140 - feat(STONEINTG-660): rename CLAIR_SCAN_RESULT>SCAN_OUTPUT

Pull Request - State: open - Opened by jsztuka 14 days ago - 4 comments

#1139 - Bump github.com/enterprise-contract/ec-cli from 0.5.144 to 0.6.5

Pull Request - State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies, go

#1138 - Bump github.com/tektoncd/cli from 0.38.0 to 0.38.1

Pull Request - State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies, go

#1137 - Bump github/codeql-action from 3.26.6 to 3.26.7

Pull Request - State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies, github_actions

#1136 - Bump step-security/harden-runner from 2.9.1 to 2.10.1

Pull Request - State: closed - Opened by dependabot[bot] 15 days ago
Labels: dependencies, github_actions

#1135 - Confirm all rpms in sboms have a known repo id

Pull Request - State: closed - Opened by simonbaird 19 days ago - 7 comments

#1134 - Use custom EC OPA in VS Code

Pull Request - State: closed - Opened by lcarva 21 days ago - 1 comment

#1133 - Specific version support for required Task results

Pull Request - State: closed - Opened by zregvart 21 days ago - 1 comment

#1132 - Update description to only include sha1 entries

Pull Request - State: closed - Opened by joejstuart 22 days ago - 2 comments

#1131 - Bump github.com/enterprise-contract/ec-cli from 0.5.128 to 0.5.144

Pull Request - State: closed - Opened by dependabot[bot] 22 days ago - 2 comments
Labels: dependencies, go

#1130 - Bump github.com/styrainc/regal from 0.25.0 to 0.26.1

Pull Request - State: closed - Opened by dependabot[bot] 22 days ago - 3 comments
Labels: dependencies, go

#1129 - Document pitfalls of writing policy rules

Pull Request - State: closed - Opened by lcarva 25 days ago - 3 comments

#1128 - Remove Red Hat Manifests package

Pull Request - State: closed - Opened by lcarva 25 days ago - 1 comment

#1127 - Tweaks to fetching CycloneDX SBOM

Pull Request - State: closed - Opened by lcarva 25 days ago - 1 comment

#1126 - Add helper for extracting a repo id from a purl

Pull Request - State: closed - Opened by simonbaird 26 days ago - 5 comments

#1125 - Add policy rules to verify RPM sig keys

Pull Request - State: closed - Opened by lcarva 27 days ago - 3 comments

#1124 - Rework package path logic in result helper

Pull Request - State: closed - Opened by simonbaird 28 days ago - 2 comments

#1123 - Bump github/codeql-action from 3.26.5 to 3.26.6

Pull Request - State: closed - Opened by dependabot[bot] 29 days ago
Labels: dependencies, github_actions

#1122 - Bump actions/upload-artifact from 4.3.6 to 4.4.0

Pull Request - State: closed - Opened by dependabot[bot] 29 days ago
Labels: dependencies, github_actions

#1121 - Bump github.com/enterprise-contract/ec-cli from 0.5.120 to 0.5.128

Pull Request - State: closed - Opened by dependabot[bot] 29 days ago
Labels: dependencies, go

#1120 - Set same golang version as in go.mod

Pull Request - State: closed - Opened by zregvart 29 days ago - 1 comment

#1119 - Document how to bundle policies

Issue - State: open - Opened by lcarva about 1 month ago

#1118 - Add effective_on support to disallowed_attributes

Pull Request - State: closed - Opened by lcarva about 1 month ago - 1 comment

#1117 - Update ec-cli in acceptance tests

Pull Request - State: closed - Opened by lcarva about 1 month ago - 1 comment

#1116 - Verify Task definitions contain a certain result

Pull Request - State: closed - Opened by lcarva about 1 month ago - 1 comment

#1115 - Use ec.oci.image_files to fetch the SBOM from the image, if needed.

Issue - State: closed - Opened by lcarva about 1 month ago - 1 comment

#1114 - Bump github.com/tektoncd/cli from 0.37.0 to 0.38.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#1113 - Bump github.com/enterprise-contract/ec-cli from 0.5.111 to 0.5.120

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go

#1112 - Bump github/codeql-action from 3.26.2 to 3.26.5

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#1111 - Bump github/codeql-action from 3.26.0 to 3.26.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#1110 - Bump github.com/styrainc/regal from 0.24.0 to 0.25.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago - 1 comment
Labels: dependencies, go

#1109 - Bump github.com/enterprise-contract/ec-cli from 0.5.95 to 0.5.111

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, go

#1108 - Add Apache 2.0 license file

Pull Request - State: closed - Opened by zregvart about 2 months ago - 1 comment

#1107 - Bump github.com/docker/docker from 27.1.0+incompatible to 27.1.1+incompatible

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#1106 - Bump github/codeql-action from 3.25.15 to 3.26.0

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#1105 - Bump step-security/harden-runner from 2.9.0 to 2.9.1

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#1104 - Bump actions/upload-artifact from 4.3.5 to 4.3.6

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#1103 - Bump github.com/enterprise-contract/ec-cli from 0.5.84 to 0.5.95

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#1102 - Add support for required label values

Pull Request - State: closed - Opened by lcarva about 2 months ago - 1 comment

#1101 - Bump github.com/enterprise-contract/ec-cli from 0.5.68 to 0.5.84

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#1100 - Bump actions/upload-artifact from 4.3.4 to 4.3.5

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#1099 - Bump github.com/docker/docker from 27.0.3+incompatible to 27.1.0+incompatible

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, go

#1098 - Bump github.com/docker/docker from 25.0.5+incompatible to 25.0.6+incompatible in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1097 - Remove redhat-appstudio

Pull Request - State: closed - Opened by lcarva 2 months ago

#1096 - Disallow certain PLATFORM patterns

Pull Request - State: closed - Opened by lcarva 2 months ago - 3 comments

#1095 - RHTAP Jenkins collection followups

Pull Request - State: closed - Opened by simonbaird 2 months ago - 2 comments

#1094 - Restrict usage of ADD_CAPABILITIES

Pull Request - State: closed - Opened by lcarva 2 months ago - 2 comments

#1093 - Remove deprecated_cve_result_name from collections

Pull Request - State: closed - Opened by lcarva 2 months ago - 1 comment

#1092 - Verify operator CSV images are from allowed registries

Pull Request - State: closed - Opened by nmars 2 months ago - 5 comments

#1091 - Add some checks for RHTAP Jenkins attestations

Pull Request - State: closed - Opened by simonbaird 2 months ago - 1 comment

#1090 - Consider finding counts in addition to status

Pull Request - State: closed - Opened by zregvart 2 months ago - 3 comments

#1089 - `watch` target to run tests in watch mode

Pull Request - State: closed - Opened by zregvart 2 months ago - 1 comment

#1088 - Bump github/codeql-action from 3.25.13 to 3.25.15

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1087 - Bump ossf/scorecard-action from 2.3.3 to 2.4.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1086 - Bump github.com/enterprise-contract/ec-cli from 0.5.56 to 0.5.68

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1085 - Bump github.com/open-policy-agent/conftest from 0.54.0 to 0.55.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1084 - Update some GitHub appstudio refs

Pull Request - State: closed - Opened by simonbaird 2 months ago - 2 comments

#1083 - New rule to check for container image label values

Issue - State: closed - Opened by zregvart 2 months ago - 3 comments

#1082 - Examine `konflux:container:is_builder_image:for_stage` formulation components properties

Issue - State: closed - Opened by zregvart 2 months ago - 2 comments

#1081 - Audit the use of `lib.results_named`

Issue - State: closed - Opened by zregvart 2 months ago - 8 comments

#1080 - Update README.md with steps to test with local ec-cli

Pull Request - State: closed - Opened by yashvardhannanavati 2 months ago - 1 comment

#1079 - Bump github.com/styrainc/regal from 0.23.1 to 0.24.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago - 1 comment
Labels: dependencies, go

#1078 - Bump github.com/enterprise-contract/ec-cli from 0.5.46 to 0.5.56

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, go

#1077 - Bump github/codeql-action from 3.25.12 to 3.25.13

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1076 - Bump docker/login-action from 3.2.0 to 3.3.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1075 - Bump step-security/harden-runner from 2.8.1 to 2.9.0

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#1074 - Set correct license headers

Pull Request - State: closed - Opened by zregvart 2 months ago - 3 comments

#1073 - Expect pinned references in input snapshot for operators

Pull Request - State: closed - Opened by yashvardhannanavati 3 months ago - 2 comments

#1072 - Bump github.com/enterprise-contract/ec-cli from 0.5.39 to 0.5.46

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1071 - Bump actions/setup-go from 5.0.1 to 5.0.2

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1070 - Bump github/codeql-action from 3.25.11 to 3.25.12

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1069 - Redefine DOCKERFILE parameter check

Pull Request - State: closed - Opened by zregvart 3 months ago - 1 comment

#1068 - Bump google.golang.org/grpc from 1.64.0 to 1.64.1

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1067 - Verify all operator CSV pull specs will be valid on release

Pull Request - State: closed - Opened by yashvardhannanavati 3 months ago - 3 comments

#1066 - Bump github.com/enterprise-contract/ec-cli from 0.5.26 to 0.5.39

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1065 - feat: add an explicit allowlist rule for sbom external references

Pull Request - State: closed - Opened by ralphbean 3 months ago - 2 comments

#1064 - Bump actions/upload-artifact from 4.3.3 to 4.3.4

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1063 - Bump github.com/enterprise-contract/ec-cli from 0.5.26 to 0.5.38

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, go

#1062 - Bump github.com/open-policy-agent/conftest from 0.53.0 to 0.54.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1061 - Script to update examples

Pull Request - State: closed - Opened by zregvart 3 months ago - 1 comment

#1060 - Add disallowed package external references rule

Pull Request - State: closed - Opened by ralphbean 3 months ago - 4 comments

#1059 - Implement label checks using builtins

Pull Request - State: closed - Opened by zregvart 3 months ago - 2 comments

#1058 - Bump github.com/enterprise-contract/ec-cli from 0.5.17 to 0.5.26

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1057 - Bump github.com/enterprise-contract/ec-cli from 0.5.17 to 0.5.25

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, go

#1056 - Bump github/codeql-action from 3.25.10 to 3.25.11

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#1055 - Add `effective_on` per attribute in `disallowed_attributes`

Issue - State: open - Opened by zregvart 3 months ago

#1054 - Remove obsolete raw data page in documentation

Pull Request - State: closed - Opened by simonbaird 3 months ago - 1 comment

#1053 - Bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1052 - Bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1051 - Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1050 - Bump github.com/hashicorp/go-retryablehttp from 0.7.5 to 0.7.7 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1049 - Bump github.com/enterprise-contract/ec-cli from 0.5.13 to 0.5.17

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, go

#1048 - Are trusted tasks only trusted one month in the future?

Issue - State: closed - Opened by ralphbean 3 months ago - 4 comments

#1047 - Merge rule_data.trusted_tasks into trusted_tasks

Pull Request - State: closed - Opened by simonbaird 3 months ago - 4 comments

#1046 - Fix typo in rule data attributes key

Pull Request - State: closed - Opened by simonbaird 3 months ago

#1045 - Bump github.com/enterprise-contract/ec-cli from 0.5.3 to 0.5.13

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago
Labels: dependencies, go

GitHub / enterprise-contract/ec-policies issues and pull requests