LabelRepositorySecurityAdvisory returns the IFC label for repository- or organization-scoped security advisories. Integrity is untrusted (externally authored advisory prose). Confidentiality is public only when the repository is public AND every advisory in the result is in the "published" state.
(isPrivate bool, allPublished bool)
| 276 | // prevents misclassifying an unpublished advisory from a public repo as |
| 277 | // public-readable. Private repositories are always private regardless of state. |
| 278 | func LabelRepositorySecurityAdvisory(isPrivate bool, allPublished bool) SecurityLabel { |
| 279 | if isPrivate || !allPublished { |
| 280 | return PrivateUntrusted() |
| 281 | } |
| 282 | return PublicUntrusted() |
| 283 | } |
| 284 | |
| 285 | // LabelGist returns the IFC label for gist content. |
| 286 | // |