-
When talking about GUAC, a common issue that pops up is that it's hard to find your vulnerabilities or legal information in a specific SBOM. Currently, to find this, the user would have to make multip…
-
**Is your feature request related to a problem? Please describe.**
Currently, we are using our [own version to attest to vulnerability](https://github.com/guacsec/guac/blob/main/pkg/certifier/attes…
-
When both the `preload` and `loading-states` extension is used together, whenever a preload initiates a request, the loading indicator becomes visible. This is usually not a problem if we use the defa…
-
Add Kubernetes protocol
-
## Question
I am trying out guac, approaching it with I would consider a simple and primary use case: getting known vulnerabilities for a set of packages.
I did ingest some SBOMs, ran certifiers…
-
**Is your feature request related to a problem? Please describe.**
Add distributed tracing support to allow for introspecting traffic/code flow in the guac stack and measuring performance.
e.g. be a…
-
The `openssl` crate verion is v0.9.24 which is too low, v1.1.1 is supported since v10 IIUC
-
Something like Guac.com or whatever. Easier to join in
-
This issue is to track the ability for GUAC to provide heurstics and mechanisms in order to ensure identical artifacts and packages are linked to each other, as well as similar packages/artifacts wher…
-
**Describe the bug**
Discovered by [kurt-r2c](https://github.com/kurt-r2c) in original PR https://github.com/guacsec/guac/pull/896:
The CycloneDX specification as of 1.4 does not require the com…