-
**Chainguard on Tuesday published a draft OpenVEX specification to help software vendors and maintainers communicate precise metadata about the vulnerability status of products directly to end users…
-
## 2023-01-31 @pdxjohnny Engineering Logs
- Release of OpenVEX! Chaos smiles on us again :)
- https://mastodon.social/@ariadne@treehouse.systems/109784681116604896
- > meanwhile at work, a …
-
sbom conceptual overview to support openvex tutorial
-
Add support to filter vexed vulnerabilities out of Grype scan results
-
Some data is missing in the resulting document when merging, probably a result of the latest updates to the vex type. Here is a sample resulting from the merge of the testdata examples:
```json
{
…
-
# Maintainer Nomination: Alex Goodman
GitHub handle: @wagoodman
**Note:** This nomination is part of the initial community bootstrap.
## Sponsoring Maintainers
A community member may…
-
# Maintainer Nomination: Rose Judge
GitHub handle: @rnjudge
**Note:** This nomination is part of the initial community bootstrap.
## Sponsoring Maintainers
A community member may …
-
# Maintainer Nomination: Brandon Lum
GitHub handle: @lumjjb
**Note:** This nomination is part of the initial community bootstrap.
## Sponsoring Maintainers
A community member may als…
-
This thread is intended for folk to brainstorm about potential project ideas for GSoC 2023. The idea is to have a separate thread from the "GSoC start here" issue (#2230) so that we have a place wh…
-
The digital supply chain is probably more extensive and more complicated than you realize. Upward of 98% of organizations have a relationship with at least one third party that has experienced a bre…