Caleb Brown
Caleb Brown
Long term - yes, I think this is the right place for this. Marshal/Unmarshal logic best exists next to the struct itself (e.g. url.Parse). In this particularly case I am...
I'm generally not opposed to this idea, but I do wonder about the practicality of tracking `project-release`, `commit-hash` (for the project) and `tool-version` (for security tools). How are devs expected...
@dependabot rebase
@dependabot rebase
Hi Nathan, this is a great question! I need to investigate whether or not there is an existing ladder that applies to OpenSSF projects or if one needs to be...
Non-positive weights don't make much sense, and should cause an error if supplied. - zero weights are meaningless - it implies that the particular field should be ignored, but it...
Just an update. We are waiting on our legal and OSPO teams to provide support on this.
This fork is now available within this repo under the `https_intercept` branch. Work will continue there.
Some research: - https://www.practical-go-lessons.com/chap-27-enum-iota-and-bitmask - proposes int + iota and implementing fmt.Stringer() and serialization interfaces. - https://threedots.tech/post/safer-enums-in-go/ - documents each style, suggests strings are better for URL slugs - Go...
My proposal: - use numeric based enum types (e.g. `int`, `int8`) with `iota` - rationale: this approach is almost universally used - use `[]string` or `map[x]string` to associate const to...