Alex Cameron
Alex Cameron
#### Summary This PR adds a `--client-signing-algorithms` flag to Fulcio to restrict what key/hash combinations are allowed. #### Release Note #### Documentation
Figure out whether there's a way to make a workflow for each platform that builds the code and publish it as a GitHub release.
It'd be good to have a workflow setup to check that the code at least compiles ok on each commit.
Not sure what the "proper" way to handle this is so I'll have to do a bit of research. There are multiple spots in the code where I'm having to...
When new files are added to Sleigh, sometimes our weekly sync with Ghidra continues working fine and we don't notice. This leads us to having missing headers which we have...
At the moment, loading spec files on different threads is unsafe because of how the XML parsing is implemented. We should consider adding a wrapper API in the `support` lib...
One thing I've noticed during development is that it's very easy for chains to be rejected via the wrong check. Unless you debug the test yourself, it's difficult to know...
In the `cryptography.io` tests, I had to begin populating the key usage extension since it was marked as critical. Since we're now populating this information, we should fix the harnesses...
I noticed another small difference between `pip-api` and `pip-requirements-parser` which I'd like to bring up. At the moment, `pip-requirements-parser` relies on an egg fragment being at the end of an...
Thanks for building `pip-requirements-parser`! I'm really happy with it. I noticed that if I parse a requirements file and then print it out with `dumps`, any leading whitespace before a...