Add compatibility for future oras releases

owasp-dep-scan / dep-scan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

https://owasp.org/www-project-dep-scan/

MIT License

986 stars 97 forks source link

Add compatibility for future oras releases #271

Closed Quince-Pie closed 6 months ago

Quince-Pie commented 6 months ago

get_manifest seem to have an extra parameter in oras-py. Adding this should not break v0.1.26, but should allow flexibility for package manager repositories that only contains future versions.

prabhu commented 6 months ago

Thanks, @Quince-Pie, for this PR. Could you raise another one against release/5.x branch so that we can release the changes? The master branch is for 6.x, which is due to be released by the end of the year.

prabhu commented 6 months ago

@Quince-Pie, could you sign your commits next time? We will begin enforcing this policy at some point, so it is best to configure your git client correctly.

Quince-Pie commented 6 months ago

@Quince-Pie, could you sign your commits next time? We will begin enforcing this policy at some point, so it is best to configure your git client correctly.

Thanks for letting me know, I will keep that in mind on my next commits