Dave Tryon
Dave Tryon
@SimonvanAs, your VB6 request (https://github.com/microsoft/component-detection/issues/1088) has been waiting for your input since May 15th, 2024. Just nudging you here and capturing the link to the open request. Sbom-tool won't be...
@birchsr and @Almarine-James, please feel free to jump in on https://github.com/microsoft/component-detection/issues/1088 to help drive this issue in `component-detection`.
I've read the page at https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca2254, which explains the rule and how to apply it. It fails, however, to explain the reasoning behind the rule or what benefit it provides....
We already ship the SBOM tool as a dotnet tool (see https://www.nuget.org/packages/Microsoft.Sbom.DotNetTool), which allows you to call the code after you install it. Use is as follows: 1. Install the...
@thejrrr will check this out and decide what to update (with engineering support)
@dependabot recreate
> https://github.com/microsoft/sbom-tool/blob/3d1a59f0947cb868708eaccff243c83410f1f57b/src/Microsoft.Sbom.Api/Workflows/SBOMGenerationWorkflow.cs#L240-L242 > > . Is this _really_ a warning? A user asked to delete a manifest if it was already there, and we're doing what they asked? This feels...
Tracked at https://dev.azure.com/mseng/1ES/_workitems/edit/2293537 (internal link)
Closed #467 and #352, which were drafts to address this. Looking at the component-detection code base, they're still using a mixture of loggers.