-
@SantiagoTorres
I would like to suggest the addition of software supply chain tracking criteria to the CII Badge process. The addition of cryptographically signed and validated steps in the softw…
-
Rather than requiring the sender to pick a food type, allow the system to pick for you. For space stations, it really doesn't matter what type.
I'd suggest four choices: food (max), food (even), ore…
-
If you special-case anything in an application it becomes communication overhead, and as soon as the chain of communication breaks (or someone forgets) it's not special-cased anymore and you're unknow…
-
Perhaps adding an additional safeguard on the transform output could increase trust in the shipped base64 wasm file
PoC on top of the package public API (but embedding that inside the package might…
-
Create an enterprise architecture and accompanying threat model to identify the threats that we need to address as part of the "sterling toolchain" and validate existing standards.
High level goals…
-
## Overview
See https://github.com/cncf/tag-security/issues/1025
We are in the process of implementing supply chain security best practices in the Kubescape project.
The first phase of this pr…
-
Hey @rhofvendahl, I think [this](https://github.com/w3c-ccg/traceability-vocab/blob/main/docs/openapi/components/schemas/workflows/common-import-credentials.yml#L25) is a mistake. TraceAPI is not a su…
-
Software za upravljanje lancem nabavke
-
**Github username:** --
**Twitter username:** --
**Submission hash (on-chain):** 0x5ad0f3bda268d9823484d3daaf55a1f34a7ba6371ed7e47b652a10d2adc43005
**Severity:** high
**Description:**
**Description*…
-
## Date
10/10/2023
## Untracked attendees
| Name | Firm | Comment |
| :--- | :--- | :------ |
## Meeting notices
- FINOS **Project leads** are responsible for observing the FINOS guideli…