-
**What would you like to be added**:
SBOM formats such as CycloneDX and SPDX support including the full text of a license with a component. It would be great if syft could extract this information wh…
-
At Acquia we’re currently using this component as part of our globally distributed Kubernetes infrastructure.
Like most providers, we expend a lot of effort ensuring that we remain compliant with v…
-
The python SDK is relatively mature:
https://pypi.org/project/aliyun-python-sdk-core/
https://github.com/aliyun/aliyun-openapi-python-sdk
Configure profiles:
https://www.alibabacloud.com/help/d…
-
Historically, the ORT analyzer has been pedantic about getting things right (i.e. resolving *exactly* the same dependencies as the build system does), and gathering *all* metadata known about a packag…
-
I am trying to utilize Microsoft Go Bullseye container (mcr.microsoft.com/oss/go/microsoft/golang:1.22-bullseye) to use OpenSSL FIPS compliant shared libs to replace stdlib Go crypto as documented [he…
-
You are creating great software, thank you very much for that.
An improvement could be a better display of the license for each file.
I am a license compliance expert working for Siemens. We sca…
-
This issue proposes to add optional `licenseDeclaredText` field to allow exchanging declared license stings as found in package manifest (pom.xml, package.json).
Motivation:
- Enables package mana…
-
Customize Cilium integrated with Azure CNI Overlay to allow WireGuard node-to-node encryption (Not BYON).
This is already supported by [Calico](https://docs.tigera.io/calico/latest/network-policy/enc…
-
## Date
Thursday, June 20 2024 - 12pm ET; 5pm UK
## Untracked attendees
| Name | Firm | Comment |
| :--- | :--- | :------ |
## Meeting notices
- FINOS **Project leads** are responsible…
-
While discussing a PR a concern was raised about license compliance this seems to be a reasonable concern and the appropriate resolution is producing a automated bill of materials