Ecosyste.ms: Timeline

Browse the timeline of events for every public repo on GitHub. Data updated hourly from GH Archive.

wagoodman

wagoodman created a review on a pull request on anchore/grype
just to clarify: is the goal to keep the top-level `search` package? Not a problem if so, just trying to square up the final state of things based on previous conversation.

View on GitHub

wagoodman created a review comment on a pull request on anchore/grype
Matcher was originally ``` Match(v5.VulnerabilityProvider, *distro.Distro, pkg.Package) ([]match.Match, error) ``` which means that it does not necessarily need to be added to the pacakge. When w...

View on GitHub

wagoodman created a review on a pull request on anchore/grype

View on GitHub

wagoodman pushed 1 commit to add-v6-to-manager anchore/grype-db

View on GitHub

wagoodman created a review comment on a pull request on anchore/grype
ah, the tag is there and we're not using tags to select integration tests, so it wouldn't be selected today... maybe let's change the tag to something that doesn't look like it overlaps with the av...

View on GitHub

wagoodman created a review on a pull request on anchore/grype

View on GitHub

wagoodman created a review comment on a pull request on anchore/grype
I think adding a small unit test that ensures that the rate limiter is wired up by default when using `mavenSearch` would be a good enough sanity check.

View on GitHub

wagoodman created a review on a pull request on anchore/grype

View on GitHub

wagoodman created a review comment on a pull request on anchore/grype
just out of curiosity, why 1 request per 300 ms? from experimentation? or did you find any useful maven docs on this?

View on GitHub

wagoodman created a review on a pull request on anchore/grype

View on GitHub

wagoodman created a review comment on a pull request on anchore/grype
I don't think we should be hitting maven in this way during a test that could be run by multiple devs at a time and by automation. I'm not against leaving the test in if we add a build tag that isn...

View on GitHub

wagoodman created a review on a pull request on anchore/grype

View on GitHub

wagoodman created a review comment on a pull request on anchore/grype
```suggestion log.WithFields("package", p.Name, "error", err).Warn("failed to resolve package details with maven") ```

View on GitHub

wagoodman created a review on a pull request on anchore/grype

View on GitHub

wagoodman created a review comment on a pull request on anchore/grype-db
yeah, it's destroyed after the with block (since this function has a @contextlib.contextmanager decorator)

View on GitHub

wagoodman pushed 1 commit to add-v6-to-manager anchore/grype-db

View on GitHub

wagoodman starred Velocidex/regparser
wagoodman starred rhaiscript/rhai
wagoodman starred mateodelnorte/meta
wagoodman starred isd-project/isd
wagoodman starred pancsta/asyncmachine-go
wagoodman pushed 1 commit to main wagoodman/elf-notes

View on GitHub

wagoodman pushed 1 commit to main wagoodman/elf-notes
  • add elf note dependencies example 973a120

View on GitHub

wagoodman created a branch on anchore/syft

add-elf-note-dependencies - CLI tool and library for generating a Software Bill of Materials from container images and filesystems

wagoodman created a comment on a pull request on anchore/vunnel
@dependabot rebase

View on GitHub

wagoodman pushed 1 commit to add-v6-to-manager anchore/grype-db

View on GitHub

wagoodman pushed 1 commit to main wagoodman/elf-notes
  • add original view without package notes 2223fee

View on GitHub

wagoodman pushed 1 commit to main wagoodman/elf-notes

View on GitHub

wagoodman created a branch on wagoodman/elf-notes

main - scratch spot to play with elf notes + syft

wagoodman created a repository: wagoodman/elf-notes

https://github.com/wagoodman/elf-notes - scratch spot to play with elf notes + syft

Load more