-
Set the structure of the site according to the following table of contents.
Include existing sections in the corresponding chapters.
1. Introduction (To be defined)
2.0 Open Source Software Funda…
-
It appears that GitLab can provide dependency lists for projects: https://docs.gitlab.com/ee/user/application_security/dependency_list/.
See:
- https://gitlab.com/gitlab-org/gitlab/-/blob/master/e…
-
### Feature Request
Currently it is not possible to verify the cryptographic authenticity after downloading the Trust Wallet software because the releases are not cryptographically signed.
This …
-
(Sorry for not following the template, couldn't see how to apply it for this issue!)
Hey, I'm Pedro and I'm working with Google and the [Open Source Security Foundation (OpenSSF)][ossf] to improve …
-
This PR is for rough ideas on topics and structuring of the book.
- Introduction
- Why security for research software?
- Credentials
- Managing credentials in code
- Time limited access…
-
In practice, that means you won’t need GPG keys and a complicated setup in order to sign your Git commits.
After installing and configuring Gitsign within your project and signing your commits, you w…
-
**Is your feature request related to a problem? Please describe.**
Adding a software bill of materials ([SBOM](https://en.wikipedia.org/wiki/Software_supply_chain)) has several advantages:
- Pos…
-
The [report](https://www.w3.org/2023/03/secure-the-web-forward/report.html) suggests the creation of a **cross-organization activity that can take a holistic approach to security on the Web**. This is…
-
`dependency-guard` does an awesome job of protecting projects from unwanted dependency changes.
But this way we know nothing about the actual dependency content and cannot protect against malicious…
amal updated
4 months ago
-
**❗ please do not add sensitive information in issues, you can provide extra information via email using issue number as reference ❗**
**Describe the issue**
I would like to provide an SBOM softwa…