Open
Description
govulncheck is used to compare before-and-after states of pull requests so that contributors and reviewers can tell:
- Does their PR introduce more known vulnerabilities into Kubernetes?
- Does their PR remove known vulnerabilities from Kubernetes?
They currently need to inspect the logs in order to find this information. Those logs are messy because of status messages emitted by `git worktree add`. An example is here.
It would be nice to quiet that status text, so that the govulncheck logs can be more easily found and inspected.
/sig security
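As an added example (not code from the issue author or from the Kubernetes repository), the following POSIX shell shows both ways of keeping `git worktree add` status text out of a govulncheck log: passing `--quiet` to `git worktree add` at the source, and filtering the status lines out of an already captured log. The sample log is constructed; its first two lines imitate the feedback messages `git worktree add` prints and the remaining lines imitate govulncheck's summary output. The function names are this example's own.

```shell
#!/bin/sh
# Added example, not from the issue or the Kubernetes repo: keep the status
# text printed by `git worktree add` separate from govulncheck's output.

# Constructed sample log. Lines 1-2 mimic `git worktree add` feedback
# messages; lines 3-4 mimic govulncheck's own summary lines.
SAMPLE_LOG='Preparing worktree (detached HEAD 0a1b2c3)
HEAD is now at 0a1b2c3 example commit subject
Scanning your code and 1234 packages across 56 dependent modules for known vulnerabilities...
No vulnerabilities found.'

# Fix at the source: `git worktree add` accepts -q/--quiet, which suppresses
# its feedback messages so only govulncheck's output reaches the log.
# $1 = path for the new worktree, $2 = commit to check out (hypothetical args)
add_quiet_worktree() {
  git worktree add --quiet --detach "$1" "$2"
}

# Fix after the fact: strip the worktree status lines from a log that was
# captured without --quiet. Reads stdin, writes the remaining lines to stdout.
filter_worktree_noise() {
  grep -Ev '^(Preparing worktree \(|HEAD is now at )'
}

# Number of lines left once the worktree noise is removed from a log string.
count_filtered_lines() {
  printf '%s\n' "$1" | filter_worktree_noise | wc -l | tr -d ' '
}

# Stand-alone run: prints the govulncheck lines and how many survived.
printf '%s\n' "$SAMPLE_LOG" | filter_worktree_noise
count_filtered_lines "$SAMPLE_LOG"
```

The `--quiet` form is the one worth adopting in the CI script, since it removes the noise before it is ever logged; the filter is only a fallback for logs that have already been captured.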