Aeva Black
Aeva Black
Discussed some concerns and possible approaches with @paulcallen and @mikbras. Potential solutions include: - use a ramfs for the temp dir, or - use a stream object for signing or...
(wearing my open source ecosystem hat) > is this a real problem or hypothetical? (details not needed) I am genuinely (academically) curious since I have been discussing the open source...
Related to PR #23
@bobcallaway wrote: > I didn't diff against the PDF, but assuming it matches I copied the PDF we link to at the top of the TAC update. Any deltas that...
> I think to address Brian's point, we could add a note to the ossf repo stating that the charter is under the governance of the GB and no changes...
Thanks for adding this suggestion, Emma!
I'd like to add another endorsement of refactoring the CC to include a process guideline, and a point of comparison. Within the Kubernetes community, we recently published [our incident report...
Chiming in because this is an important point - including the Enforcement Steps as part of the main CC 2.0 text has made it difficult for me to support adoption...
Closing as the Charter now has an official location, maintained by the foundation, and doesn't need to be stored in git.
> One of the missing "tools" is a that which can create an independent dependency graph (across artifact types, language/package deps., base images, etc. May I point you towards https://gitbom.dev/...