Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 8.1.0-rc0
Affects Version/s: None
Component/s: None
Labels:
None

Assigned Teams:

Server Security
Backwards Compatibility:
Fully Compatible
Sprint:
Security 2024-08-05, Security 2024-08-19
Confidence Status:
None
Work Order:
3
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

Third party libraries are checked for vulnerabilities with cycloneDX. https://github.com/10gen/mongo/blob/master/sbom.json is validated against bom-1.5.schema.json before cycloneDX vulnerability check. sbom.json file may contain a version for a library/component.

Third party libraries have import scripts (https://github.com/10gen/mongo/tree/master/src/third_party#readme) which may include a version.

These two versions should be validated against each other in this ticket when possible.

duplicates

SERVER-93186 Update Linter to ensure README.third_party.md is updated alongside sbom

Closed

Assignee:: Niaz Pavel (Inactive)
Reporter:: Niaz Pavel (Inactive)
Participants:: Githook User, Niaz Pavel
Votes:: 0 Vote for this issue
Watchers:: 1 Start watching this issue

Created:: Jul 30 2024 06:26:11 PM UTC
Updated:: Aug 19 2024 04:05:16 PM UTC
Resolved:: Aug 19 2024 04:05:16 PM UTC