Comments (13)
It's not a real problem for me personally, because my fork runs the same security checks and reports them (so the whole GitHub concept of hiding the security reports is strange and wasting energy for unnecessary computations).
from kitodo-presentation.
I don't see any notes
Then go to settings/security_analysis and look for "Code scanning" and "Protection rules". There you can set the alert severity levels. Set both levels to "any" to get all the notes, too. Not all kinds of notes are useful, but some of them are.
from kitodo-presentation.
Only "members" of the Kitodo organization or the repository can see the security related pages which are mentioned above. I was member in 2017, but obviously removed later.
from kitodo-presentation.
Access can only be granted to admins, members with push rights and specific user groups. I'd have to create a user group and add all current outside collaborators to that group... :o(
from kitodo-presentation.
Votes: 11
from kitodo-presentation.
Can you please give me access to the security tab to fix the issues and warnings? Thanks!
from kitodo-presentation.
It's usually sufficient to fork the repository and use the security tab in your own fork (see my comment above). Then you can either use the fixes which are generated by CodeQL or manual fixes to create a pull request.
from kitodo-presentation.
Can you please give me access to the security tab to fix the issues and warnings? Thanks!
I've granted you the security manager role. You should be able to access the security tab now.
from kitodo-presentation.
Thanks Stefan and Sebastian, that helps a lot!
from kitodo-presentation.
I think I'm blind, but now I see 40 security issues on my current fork of the kitodo-presentation master: What do I have to do/configure to see the same amount of issues? How can I apply the same checks on a branch? I think I yust need a hint... Thanks!
from kitodo-presentation.
from kitodo-presentation.
GitHub code scanning currently reports 7 warnings and more than 6000 notes for the master branch.
from kitodo-presentation.
I don't see any notes and of the warnings we decided to ignore all that are reported for the 3D viewer javascripts (because those are still in a prototypical state and under heavy development). I've forwarded them to the developers and they will take care of those.
So, for me this looks fine, now.
from kitodo-presentation.
Related Issues (20)
- [Question] Trigger New Tenant Module functions via CLI HOT 1
- [BUG] Search word highlighting does not work (`tx_dlf[highlight_word]`) HOT 1
- [Question] How to use the 3D viewer?
- [BUG] Metadata and structure translation entries HOT 14
- [BUG] PR#1116 somehow broke my viewer. When opening a document with a fulltext it just shows "Volltext wird geladen" HOT 3
- [BUG] Memory leak in kitodo:reindex CLI job HOT 26
- Replace JPlayer HOT 4
- [FUND] Preconfigured, easy to install package for testing purposes HOT 1
- [FUND] Bundle default templates and design with Kitodo.Presentation HOT 1
- Update Documentation HOT 6
- [BUG] Metadata `index_name` still gets changed when moving metadata in list HOT 2
- [BUG] Metadata `sorting` value is `0` for every entry
- Activate GitHub Discussions for this repository HOT 2
- [BUG] Error when saving a Collection
- [BUG] Number of hits for facets incorrect HOT 1
- [Question] Use annotated tags for future releases HOT 2
- [BUG] Error message when using the new reindexing options --index-limit and --index-begin
- [FEATURE] Add feedback for future "unsupported" ALTO versions
- [REVERT] Use TYPO3 DataHandler in the backend HOT 1
- [BUG] Reindexing options -l and -b work not with -c (or long versions) or -a
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kitodo-presentation.