-
Both the [SPDX](https://spdx.dev/) and [CycloneDX](https://cyclonedx.org/) SBOM communities have reached out to inquire about referencing GitBOM in their SBOMs.
- [CycloneDX expressed a desire for …
-
Would be great if the version is easily retrievable from the firmware.
Current options:
- DMI property (UEFI-only), which would allow us to use standardized interfaces, so my preference.
- Adding…
-
Would be great if ECR could support cache-manifest (see: https://medium.com/titansoft-engineering/docker-build-cache-sharing-on-multi-hosts-with-buildkit-and-buildx-eb8f7005918e)
**NOTE FROM …
-
## Checklist
- [x] I've read [the documentation regarding wrong detection](https://aquasecurity.github.io/trivy/latest/community/contribute/issue/#wrong-detection).
- [x] I've confirmed that a secur…
-
As mentioned in https://github.com/spdx/spdx-3-model/issues/42, the examples in the diagram contain `"software"` profile elements (e.g. `SBOM`) but do not list it under `profiles` in their creation in…
-
It would be hugely helpful if Dangerzone was capable of converting HWP files produced by Hancom Office, a terrible office suite that's extremely widely used in South Korea and frequently used for targe…
-
# Daily Security News (2023-06-09)
- HackerOne Hacker Activity
- [ ] [Open redirect due to scanning QR code via brave browser](https://hackerone.com/reports/1946534)
- ZAWX_NETSTARSEC's blog
- [ ] [Centralized Authority Attack and Defense: Identity Authentication Protocols: NT…
-
Hi there,
I'm writing to suggest an enhancement for this project to improve its integration and ensure long-term reliability, particularly for package managers like apt, rpm, yum, nix, etc.
The …
-
Discussed on the tech call on March 7, 2023.
The current model uses a `suppliedBy` relationship from the `Package` to an `Agent` to describe the supplier of a package.
In SPDX 2.3, the supplier …
-
- [x] I have tried with the latest version of Docker Desktop
- [-] I have tried disabling enabled experimental features
- [-] I have uploaded Diagnostics
- Diagnostics ID: N/A
##…