Martin Vrachev

Indeed that's something I think would be great. The way [Bandit](https://github.com/PyCQA/bandit) (open source security linter for Python) does it is great. It gives you a field in the json generated...

I am helping with the documentation. We have documentation for a small subset of the rules you can read more here: https://securego.io/

Yes, we need to work more on the documentation. I was really busy this last month but I will continue to work on the documentation.

I am slowly working on this when I have time.

I installed Bandit for python3 and again I get this:  with this command: ``` bandit -v -ii -lll -r ./ ```

I agree this will be an awesome feature. Many times you want a deeper validation beyond type checks which you can only implement. What is the status of this issue?

> what are the reasons that people want to participate? Plus learn new stuff during the assessment. I think one question we want to answer do we consider the assessments...

I also suggest that we replace the Timestamp `meta` field with `snapshot_meta` field. Where `snapshot_meta` will contain the same information as `meta["snapshot.json"]`. Besides simplification, this will also help with the...

I read the whole discussion, but somehow I didn't understand where was said we would need to have canonical JSON on the wire in order to use DSSE? > But...

Now, the question I have is what are we doing about DSSE after we close this issue? As I mentioned above: > Last question: > do we want to start...