XF/GIA
1
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

Fix all integrations

Browse Source
This commit is contained in:
Mark Veidemanis
2026-03-08 22:08:55 +00:00
parent bca4d6898f
commit acedc01e83
58 changed files with 4120 additions and 960 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
artifacts/audits/1-initial.json
View File

@@ -102,7 +102,7 @@
"severity": "high",
"category": "supply-chain",
"rule": "GIT_PYTHON_DEP",
"title": "Git/URL Python Dependency: git+https://git.zm.is/XF/django-crud-mixins",
"title": "Git/URL Python Dependency: git+https://git.example.invalid/vendor/django-crud-mixins",
"description": "Installing from git/URL bypasses PyPI integrity checks.",
"fix": "Publish to PyPI or pin to a specific commit hash",
"cwe": null,
@@ -522,9 +522,9 @@
"severity": "medium",
"category": "supply-chain",
"rule": "UNPINNED_PYTHON_DEP",
"title": "Unpinned Python Dependency: git+https://git.zm.is/XF/django-crud-mixins",
"title": "Unpinned Python Dependency: git+https://git.example.invalid/vendor/django-crud-mixins",
"description": "Python dependency without version pin. Pin to a specific version for reproducible builds.",
"fix": "Pin version: git+https://git.zm.is/XF/django-crud-mixins==x.y.z",
"fix": "Pin version: git+https://git.example.invalid/vendor/django-crud-mixins==x.y.z",
"cwe": null,
"owasp": null
},
@@ -812,7 +812,7 @@
"severity": "high",
"category": "supply-chain",
"categoryLabel": "SUPPLY CHAIN",
"title": "Git/URL Python Dependency: git+https://git.zm.is/XF/django-crud-mixins",
"title": "Git/URL Python Dependency: git+https://git.example.invalid/vendor/django-crud-mixins",
"file": "requirements.txt:26",
"action": "Publish to PyPI or pin to a specific commit hash",
"effort": "medium"
@@ -1162,9 +1162,9 @@
"severity": "medium",
"category": "supply-chain",
"categoryLabel": "SUPPLY CHAIN",
"title": "Unpinned Python Dependency: git+https://git.zm.is/XF/django-crud-mixins",
"title": "Unpinned Python Dependency: git+https://git.example.invalid/vendor/django-crud-mixins",
"file": "requirements.txt:26",
"action": "Pin version: git+https://git.zm.is/XF/django-crud-mixins==x.y.z",
"action": "Pin version: git+https://git.example.invalid/vendor/django-crud-mixins==x.y.z",
"effort": "medium"
},
{