Open Issues Need Help
AI Summary: This issue proposes adding a SECURITY.md file to the repository. This file will establish a private channel for security researchers to report vulnerabilities, preventing them from being disclosed publicly through regular GitHub issues. This is being done in conjunction with CodeQL scanning.
AI Summary: This issue proposes integrating GitHub CodeQL into the repository's CI/CD pipeline. The goal is to automatically perform static analysis on Python code, scan pull requests for vulnerabilities, and surface security alerts in the GitHub Security tab. This will help catch common Python vulnerabilities early and improve the overall security posture of the project.
AI Summary: Implement a missing validation check in the SUSE documentation build process (docbuild) to ensure that references within XML configuration files (e.g., sbp.xml) are valid and point to existing products. This involves modifying the `create_stitchfile` function in `src/docbuild/config/xml/stitch.py` to utilize the `global-check-ref-list.xsl` stylesheet for validation and ensuring that the build process fails when invalid references are detected.