Ecosyste.ms: Timeline
Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.
github-actions[bot] created a comment on an issue on pyca/cryptography
This issue has not received a reporter response and has been auto-closed. If the issue is still relevant please leave a comment and we can reopen it.
alex created a review comment on a pull request on pyca/cryptography
Yes, it can be frustrating, we definitely end up with way more test cases than most folks as a result.
alex created a review comment on a pull request on pyca/cryptography
No, we don't want `unwrap_or(false)` here -- if an `Err(_)` is returned, that means an exception was raised on `eq()` somehow, so we want to propagate that up the stack, using `unwrap_or()` would j...
nitneuqr created a review comment on a pull request on pyca/cryptography
Is an `unwrap_or(false)` acceptable? Or, more precisely, why isn't it a good idea?
nitneuqr created a review comment on a pull request on pyca/cryptography
Will do! Didn't know the issues with `unwrap()`. Just Copilot-ed the difference between `?` and `unwrap()`.
nitneuqr created a review comment on a pull request on pyca/cryptography
Will do! Having coverage for these tests cases is not an easy task.
alex created a review comment on a pull request on pyca/cryptography
These unwraps need to propagate the error up (which annoyingly probably means you can't use any)
alex created a review comment on a pull request on pyca/cryptography
```suggestion let content_info = asn1::parse_single::<pkcs7::ContentInfo<'_>>(data)?; ```
hughsie created a comment on a pull request on pyca/cryptography
> I am, for my sins, acutely aware of the genesis of SBOM requirements. (I work for the federal government.) :) > While I appreciate the motivation behind this PR, to me it is not aligned wit...
hughsie created a comment on a pull request on pyca/cryptography
> the needs of your process are actually pretty distinct from the needs of most of our Python consumers: I think that's fair. I wouldn't entirely mind if the file was called `.sbom.cdx.json` so ...
alex created a comment on a pull request on pyca/cryptography
That helps somewhat, but I think makes clear to me that the needs of your process are actually pretty distinct from the needs of most of our Python consumers: Most people do not checkout from gi...
hughsie created a comment on a pull request on pyca/cryptography
> The thing I am trying to understand is if we check this into our repo, mechanically, how is anyone expected to consume it Right, sorry -- I might have not explained that terribly well. The ess...
alex created a comment on a pull request on pyca/cryptography
Not particularly. The thing I am trying to understand is if we check this into our repo, mechanically, how is anyone expected to consume it? On Fri, Nov 22, 2024 at 7:46 AM Richard Hughes ***@*...
alex created a comment on a pull request on pyca/cryptography
One can't simply use the Cargo.lock, because it includes various dependencies that are only used on certain platforms, you need the build machinery to output what it actually used. Stepping back...
hughsie created a comment on a pull request on pyca/cryptography
> Our release artifacts include other packages that properly need to be reflected into an SBOM. Right, I don't disagree -- but I noticed you've got a nice `Cargo.lock` we could use to construct ...
alex created a comment on a pull request on pyca/cryptography
I don't think it makes much sense to include a stub SBOM like this. Principally because it's fundamentally wrong: our release artifacts include other packages that properly need to be reflected int...
alex pushed 1 commit to main pyca/cryptography
- chore(deps): bump ruff from 0.7.4 to 0.8.0 (#12023) Bumps [ruff](https://github.com/astral-sh/ruff) from 0.7.4 to 0.... c266456
alex closed a pull request on pyca/cryptography
chore(deps): bump ruff from 0.7.4 to 0.8.0
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.7.4 to 0.8.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/releases">ruff's relea...