Open tlambertz opened 2 years ago
Would it be helpful if the commit hash (short) is added along with the url and name of the project?
forked-from-repo: "name:projectname,url=https://github.com/solana-labs/solana,chash=4e5edd8a461dfa2304d721ebd378ae82b0abb856"
Or we can add branch name or release tag, instead of commit hash.
I think this sounds and is a much more efficient and effective way of catching a problem before it happens. It would save time , headaches, money and keep everything transparent to a certain extent.
Reembolso
No
forked-from-repo: "name:projectname,url=https://github.com/solana-labs/solana,chash=4e5edd8a461dfa2304d721ebd378ae82b0abb856"
We could add a new optional "forked-from-repo" field to easily indicate when a project is based on another.
In case a bug is found, this field would allow to easily find related projects, which might have similar security issues.