Clarify ARC details in README #339
Please find StepSecurity AI-CodeWise code comments inline or below.
README.md
Please refer to 2 inline comments.
Feedback
We appreciate your feedback in helping us improve the service! To provide feedback, please use emojis on this comment. If you find a comment helpful, give it a 👍. If they aren't useful, kindly express that with a 👎. If you have questions or detailed feedback, please create a GitHub issue in StepSecurity/AI-CodeWise.
GitHub-hosted runner uses passwordless sudo for running jobs. | ||
|
||
- This means compromised build tools or dependencies can install attack tools | ||
- If your job does not need sudo access, you see a policy | ||
recommendation to disable sudo in the insights page | ||
- When you set `disable-sudo` to `true`, the job steps run without sudo access to the Ubuntu VM | ||
- When you set `disable-sudo` to `true`, the job steps run without sudo access to the GitHub-hosted Ubuntu VM |
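Review bot: The bullet "If your job does not need sudo access, you see a policy recommendation to disable sudo in the insights page" reads awkwardly and is split across two lines; suggest "you will see a policy recommendation to disable sudo on the insights page" on a single line. The reworded last bullet now scopes `disable-sudo: true` to the GitHub-hosted Ubuntu VM, which matches the opening line about passwordless sudo on GitHub-hosted runners; since this PR is about clarifying ARC details, it would help to state explicitly whether the setting has any effect on ARC or other self-hosted runners, so readers do not assume the same protection applies there.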
[High] Do not disable sudo access when running jobs on GitHub-hosted runners without first assessing the impact
The current implementation recommends disabling sudo access for jobs running on GitHub-hosted runners, which could result in unexpected impact on the running job. Before disabling sudo access, assess the impact on the job and ensure that all necessary commands and dependencies can still be installed without sudo access.
@@ -128,17 +144,33 @@ Install the [StepSecurity Actions Security GitHub App](https://github.com/apps/s | |||
|
|||
## Discussions | |||
|
|||
If you have questions or ideas, please use [discussions](https://github.com/step-security/harden-runner/discussions). For support for ARC and Private repositories, email info@stepsecurity.io. | |||
- If you have questions or ideas, please use [discussions](https://github.com/step-security/harden-runner/discussions). | |||
- For support for ARC and Private repositories, email support@stepsecurity.io. |
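Review bot: The support address changes from info@stepsecurity.io to support@stepsecurity.io, a user-facing contact change that the PR title ("Clarify ARC details in README") does not mention; confirm the new mailbox is intended and monitored before merging. Also, "ARC" appears here without expansion; spelling it out on first use in this section would help readers who land on the Discussions section directly.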
[Low] Specify the support email address for ARC and Private repositories
The current implementation mentions support for ARC and Private repositories, without specifying the email address for support. Specify the email address for support whenever mentioning support for a feature.
Codecov Report: Patch and project coverage have no change.

Coverage Diff (main vs. #339):

| | main | #339 | +/- |
|---|---|---|---|
| Coverage | 60.15% | 60.15% | |
| Files | 3 | 3 | |
| Lines | 128 | 128 | |
| Branches | 30 | 30 | |
| Hits | 77 | 77 | |
| Misses | 46 | 46 | |
| Partials | 5 | 5 | |

☔ View full report in Codecov by Sentry.
No description provided.