-
**What would you like to be added**:
Add the ability to shell-out to known tools such as `go` and `mvn` in order to capture more accurate build-time dependency information.
**Why is this needed**:…
-
Following on from https://github.com/kubernetes-sigs/cluster-api/issues/9181 there may be a need in CAPI to find a good way to scan for forbidden licenses in our release artifacts - namely our control…
-
## Narrative
The Lista de Compras project was created as part of our training to help with learning collaborative development, encouraging practice. However, the project stalled…
-
Kubernetes has a very large number of golang library dependencies. While there is some work to track and ensure license compatibility, there is little to no work done to track vulnerabilities in the…
-
### Ticket Contents
## Description
This has two aspects, the first one being more high level information such as the lines of code, contributors, dependencies, repositories, commits. An automate…
-
Thought I would bring this up here as [Speccy](https://github.com/wework/speccy) is a dead repo (last updated 3 years ago). It looks like Speccy is being used here and the latest version of Speccy is…
-
### Community Note
* Please vote on this issue by adding a 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original issue to help the…
-
Author: @bmbouter (bmbouter)
Redmine Issue: 6871, https://pulp.plan.io/issues/6871
---
## Goal
Users storing content in pulp_container should derive benefit from security scanning of docker con…
-
# Modules
This is an RFC for how Cicada should integrate with 3rd-party code. First we propose what we think is best, then we ask some questions. We’d love to hear your thoughts!
### Proposal
…
-
Hi there,
We noticed that your repo has a low severity vulnerability:
- [Regular Expression Denial of Service](https://snyk.io/vuln/npm:uglify-js:20151024?utm_source=gh_issue)
- Affected package:…