Skip to content

Group CVEs #109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
eshulman2 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Group CVEs #109

eshulman2 wants to merge 1 commit into from

Conversation

@eshulman2
Copy link
Contributor

@eshulman2 eshulman2 commented Dec 28, 2025
edited by openshift-ci bot
Loading

many times similar CVEs are opened for the same U/S components this
patch groups them in the same message and the same assignee to make sure
we are not duplicating work triage the issue

Jira: OSASINFRA-4030

@eshulman2
Group CVEs
6560caa 
many times similar CVEs are opened for the same U/S components this
patch groups them in the same message and the same assignee to make sure
we are not duplicating work triage the issue
@openshift-ci openshift-ci bot requested review from gryf and mandre December 28, 2025 09:04
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Dec 28, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: eshulman2
Once this PR has been reviewed and has the lgtm label, please assign stephenfin for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

mandre
mandre reviewed Jan 2, 2026
View reviewed changes
cmd/pretriage/notify.go
notification.WriteString(slackId)
notification.WriteString("> ")

// Format: "CVE-2024-XXXX (Component): ISSUE-1 ISSUE-2 ISSUE-3"
Copy link
Contributor

@mandre mandre Jan 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For bugs, the message is:<slack_handle> you have been assigned triage of this bug: <link to bug>. Should we try to be more consistent and user friendly with the message that's delivered?

cmd/pretriage/cve.go
)

// CVEFieldID is the JIRA custom field ID for the CVE identifier
const CVEFieldID = "customfield_12324749"
Copy link
Contributor

@mandre mandre Jan 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where did you get this custom field from? Looking at a CVE issue (https://issues.redhat.com/browse/OCPBUGS-70096), I can't find a customfield_12324749 field.

See https://confluence.atlassian.com/jirakb/how-to-find-any-custom-field-s-ids-744522503.html for listing the available custom fields.

I suspect we may have to find CVE via the CVE prefix in the title.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mandre mandre mandre left review comments

@gryf gryf Awaiting requested review from gryf

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@eshulman2 @mandre