ppkarwasz opened a new pull request, #163: URL: https://github.com/apache/solr-site/pull/163
This change introduces two GitHub workflows that partially automate the maintenance of the VEX file for Apache Solr by identifying relevant CVEs and assessing their reachability.

* **`check_cve`** Scans the components of a given Solr distribution for known CVEs. For each CVE that does not yet have a corresponding VEX entry (and is not already covered by an open PR), the workflow automatically triggers `generate_vex` with the appropriate parameters.
* **`generate_vex`** Analyzes the reachability of a specific CVE using metadata from the [`callgraph_metadata`](https://github.com/vex-generation-toolset/callgraph-metadata) repository and determines whether the vulnerability can impact Solr.

Together, these workflows reduce the maintenance effort of maintaining the VEX file.

--
This is an automated message from the Apache Git Service.
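The filtering step described for `check_cve`, sketched as an added example; it is not code from the pull request. It assumes a CycloneDX-style VEX document with `vulnerabilities[].id`, open PRs that name the CVE in their title, and hypothetical scanner findings with `cve` and `component` fields; all sample values are constructed.

```python
import re

# CVE identifiers are matched case-insensitively and normalised to upper case.
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}", re.IGNORECASE)

def cve_ids(texts):
    """Collect every CVE id mentioned in an iterable of strings."""
    return {m.upper() for t in texts for m in CVE_RE.findall(t or "")}

def vex_covered(vex_doc):
    """CVE ids that already have an entry in the VEX document (assumed layout)."""
    return cve_ids(v.get("id", "") for v in vex_doc.get("vulnerabilities", []))

def cves_to_dispatch(findings, vex_doc, open_pr_titles):
    """Return one generate_vex request per CVE that has neither a VEX entry
    nor an open PR, with the affected components merged and sorted."""
    skip = vex_covered(vex_doc) | cve_ids(open_pr_titles)
    pending = {}
    for finding in findings:
        cve = finding["cve"].upper()
        if cve in skip:
            continue
        pending.setdefault(cve, set()).add(finding["component"])
    return [{"cve": c, "components": sorted(pending[c])} for c in sorted(pending)]

# Constructed sample input: placeholder CVE ids and package URLs.
SAMPLE_FINDINGS = [
    {"cve": "CVE-0000-10001", "component": "pkg:maven/org.example/lib-a@1.0"},
    {"cve": "cve-0000-10002", "component": "pkg:maven/org.example/lib-b@2.0"},
    {"cve": "CVE-0000-10003", "component": "pkg:maven/org.example/lib-c@3.0"},
    {"cve": "CVE-0000-10003", "component": "pkg:maven/org.example/lib-b@2.0"},
    {"cve": "CVE-0000-10004", "component": "pkg:maven/org.example/lib-c@3.0"},
]
SAMPLE_VEX = {"vulnerabilities": [{"id": "CVE-0000-10001"}]}
SAMPLE_OPEN_PRS = ["Add VEX statement for CVE-0000-10002", "Fix typo in docs"]

if __name__ == "__main__":
    for request in cves_to_dispatch(SAMPLE_FINDINGS, SAMPLE_VEX, SAMPLE_OPEN_PRS):
        print(request)
```

A CVE reported against several components produces a single request, so a duplicate scanner finding does not open a second PR for the same identifier.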
