Benjamin Pelletier

Results 32 comments of Benjamin Pelletier

That looks reasonable to me (and better than implicitly accepting `KeyError`). Just throwing a `KeyError` with `!isinstance(tokens, dict)` would be less work, but not as strictly correct as a new error...

Like #394, I think the general idea here is that the Apicurio UI should correspond with the YAML ordering for all types of elements (paths, fields, probably data types) because...

Please note that a new Dependency Check report is now available, generated by running `dependency-check --enableExperimental --scan go.mod` from the repo root folder on commit 5f2f60afe73cacc2c3b6a5f142ed513857579c87 after [installing `dependency-check` via...

In the above report, the dependencies `github.com/grpc-ecosystem/go-grpc-middleware:1.2.2` and `github.com/grpc-ecosystem/grpc-gateway:1.16.0` are flagged with the vulnerability IDs `cpe:2.3:a:grpc:grpc:1.2.2:*:*:*:*:*:*:*` and `cpe:2.3:a:grpc:grpc:1.16.0:*:*:*:*:*:*:*` respectively. For `go-grpc-middleware`, the published vulnerabilities listed are [`CVE-2017-9431`](https://nvd.nist.gov/vuln/detail/CVE-2017-9431) and [`CVE-2020-7768`](https://nvd.nist.gov/vuln/detail/CVE-2020-7768). For...

The script in #480 produces the dependency graph below for all the vulnerabilities mentioned in the Dependency Check report except `prometheus/*`: ![go_mod_graph](https://user-images.githubusercontent.com/11224086/108782300-31cf3b00-7520-11eb-949d-553c8e3a2b96.png) All packages with listed vulnerabilities except `robfig/cron`, `prometheus/*`...

Like [the comment above](https://github.com/interuss/dss/issues/473#issuecomment-783724257) regarding Dependency Check's confusion of `grpc` vulnerabilities with `go-grpc-middleware` and `grpc-gateway`, Dependency Check's identification of a vulnerability in `robfig/cron` appears to be the same misidentification of...

The last remaining dependency vulnerability in the second Dependency Check report that is not addressed in the comments above is the one relating to Prometheus. Only `prometheus/client_model` is referenced by...

Since it appears that Dependency Check does not reveal any exploitable vulnerabilities as of 5f2f60a, reducing the priority of this issue to a P2.

I think this brings up an important issue for RID automated testing. We expect multiple Service Providers (SPs) and multiple Display Providers (DPs) to be tested at the same time....

#752 illustrates the usage of haproxy to recover from a loss of a CRDB node