
Merge branch 'master' into releng/master

a57cbbc
Merged

Gromit sync with tyk repo TT-16131 #7542

probelabs / Visor: security succeeded Nov 18, 2025 in 3m 35s

✅ Check Passed (Warnings Found)

security check passed. Found 2 warnings, but fail_if condition was not met.

Details

📊 Summary

  • Total Issues: 2
  • Warning Issues: 2

Issues by Category

Security (2)

  • ⚠️ .github/workflows/release.yml:490 - Error suppression in the Debian upgrade test pipeline using || echo can mask legitimate installation failures. This may cause upgrade tests to be skipped silently, preventing the detection of regressions in the upgrade process, which could have security implications. The current implementation hides errors from curl, bash, and apt-get.
  • ⚠️ .github/workflows/release.yml:549 - Error suppression in the RPM upgrade test pipeline using || echo can mask legitimate installation failures. This may cause upgrade tests to be skipped silently, preventing the detection of regressions in the upgrade process, which could have security implications. The current implementation hides errors from curl, bash, and yum.


Annotations

Check warning on line 491 in .github/workflows/release.yml


@probelabs probelabs / Visor: security

security Issue

Error suppression in the Debian upgrade test pipeline using `|| echo` can mask legitimate installation failures. This may cause upgrade tests to be skipped silently, preventing the detection of regressions in the upgrade process, which could have security implications. The current implementation hides errors from `curl`, `bash`, and `apt-get`.
Raw output
Fail the CI job on unexpected errors. If the goal is to handle cases where a previous version is not found, explicitly check for the 'package not found' error from `apt-get` and only then proceed. Other errors (e.g., from `curl` or repository setup) should cause the job to fail to ensure pipeline integrity.

Check warning on line 550 in .github/workflows/release.yml


@probelabs probelabs / Visor: security

security Issue

Error suppression in the RPM upgrade test pipeline using `|| echo` can mask legitimate installation failures. This may cause upgrade tests to be skipped silently, preventing the detection of regressions in the upgrade process, which could have security implications. The current implementation hides errors from `curl`, `bash`, and `yum`.
Raw output
Fail the CI job on unexpected errors. If the goal is to handle cases where a previous version is not found, explicitly check for the 'package not found' error from `yum` and only then proceed. Other errors (e.g., from `curl` or repository setup) should cause the job to fail to ensure pipeline integrity.