-
### What would you like to be added?
Hi, I'm Harshita. I’m working with [CNCF and the Google Open Source Security Team for the GSoC 2024 term](https://github.com/cncf/mentoring/issues/1196). We are…
-
Consider a project where `pkg.opam` lives at the project root. `$ opam install ./pkg.opam` will work transparently. Now move this opam file to `opam/pkg.opam`. `$ opam install ./opam/pkg.opam` will no…
-
Hi There,
I am having issues with unpinning two applications, named Navimow (com.segway.mower) and Hansgrome Home (com.hansgrohe.poseidon). Normal ADB-Connection-Setup with HTTP Toolkit was not pos…
-
Our setup is:
- We use several Jenkins machines to build Docker images
- We use Notary to sign their digests
- In order to allow all the Jenkins machines to push new versions of all the images, …
-
The Learning Journey WG identified that the second tutorial in the learning journey should be a tutorial walking the user through creating a `shell.nix`. This is the tracking issue for discussion on t…
-
When trying to reproduce the problem a found the real issue here :)
Previous title: "Test runner "time travel" not working"
The issue is not when using react states in a specific way (as thought e…
-
Hey there, we've started to use response very recently as a PoC to handle our incident response process internally. We were looking for a solution that integrates well with slack as our company is mos…
-
### Description
I would like to suggest a security practice recommended by the [OpenSSF Scorecard][scorecard-repo] which is to hash pin dependencies to prevent dependency-confusion, typosquatting a…
-
A new version of wpc office has been released on the official website.
-
# Description of problem
Today we use https://github.com/golang/dep to manage the project dependencies.
However we do do not explicitly constrain the dependencies.
This means that dep will pull i…