-
Add license info to all the poms published by this repo.
e.g. (and any other published poms)
- https://plugins.gradle.org/m2/net/ltgt/errorprone/net.ltgt.errorprone.gradle.plugin/4.0.1/net.ltgt…
-
While @pombredanne and I were reviewing the VCIO UI, it became clear that some of the data displayed in the `Fixed by packages` tab of the `Vulnerability details` page -- and thus the data in the DB -…
-
In this task, we aim to streamline and enhance user workflow by implementing LPVS as a GitHub Action.
**Objectives:**
- [ ] GitHub Action Integration:
Configure LPVS to run as a GitHub Actio…
-
I'm running docker on commit 8c0bbf6582544465c1f77973a9724c41cd191624. It produces the following error.
```
=> ERROR [builder 4/11] COPY ./dist/scanoss-*-py3-none-any.whl /install/ …
-
It appears we are missing an important part of the PURL spec, `type`, as can be seen below.
![image](https://github.com/SoftwareDesignLab/nvip-crawler/assets/60295839/cf2cebca-46d9-44ef-bf9e-f688e38c…
-
[BOM or SBOM (Software Bill of Materials)](https://en.wikipedia.org/wiki/Software_bill_of_materials) are becoming a fundamental piece to understand a project and its dependencies (i.e. check latest [E…
-
It's great that https://docs.google.com/spreadsheets/d/1ONZ4qeMq8xmeCHX03lIgIYE4MEXVfVL6oj05lbuXTDM/edit#gid=577559548 exists. It'd be helpful for cross-referencing if the purls of each of these were …
-
Both CPE and PURL are open 'standards' of sorts. On the surface, it appears that OSS Index does some internal mappings between PURL and CPE via a one-way reference. This is likely simplistic to what a…
-
## Goal
Ensure freshness in the https://github.com/todogroup/awesome-ospo repo
## Description
We need to check the links in the Awesome OSS Management list occasionally to ensure that they're sti…
-
As ORT is an orchestrator, it should allow configuring BlackDuck as a scanner, where code snippets can be scanned and the results can be stored in ORT backend storage, i.e. PostgreSQL.
High Level Considerati…