The GitHub Actions job "Tests" on airflow.git has failed. Run started by GitHub user potiuk (triggered by potiuk).
Head commit for run: bd762789a49b42bf745c4cc45d44884722c3e756 / Jarek Potiuk <[email protected]> Tell users what to do if their scanners find issues in the image We often get reports with results of the image scanning sent to the security team. However, for 3rd-party CVEs which are public, this is wrong way of reporting them and our users have other ways they can either handle it, or research it or contribute back their findings back and it's not clear for them that a) they have those options b) their expectations are that Airflow security team will tell them how to clear their security scan reports, c) they do not know they should (and can) contribute back. This change restructures and clarifies the chapter that was describing it in a pretty vague way - turning it into "How to" guide for the users, explaining all the options they have and explaining what are the ways they can contribute back - also making it crystal clear what is the responsibility of the security team for it and that the community expects contributions in such cases from commercial users who want their security reports cleared, not the other way round. Report URL: https://github.com/apache/airflow/actions/runs/8017994840 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
