Tushar Goel
Tushar Goel
@pombredanne @ziadhany what have we decided on this PR, is it ready for review ?
For example: - This is a go package - github.com/go-jose/go-jose/v3 - This is a purl - "pkg:golang/github.com/go-jose/go-jose/[email protected]" - type - "golang" - namespace - "github.com/go-jose/go-jose" - name - "v3" -...
Use this API endpoint instead https://errata.rockylinux.org/api/v2/advisories?filters.product=&filters.fetchRelated=false&page=0&limit=25
@pombredanne please give me design on this when you get chance.
@netomi thanks! please check the errors in the CI and also do not forget to regen the tests just in case dependencies in tests have been updated https://github.com/nexB/python-inspector#testing
@netomi please rebase your PR with latest main, tests are fixed in this PR https://github.com/nexB/python-inspector/pull/165
@sschuberth tests are falling, tests needs to be regen
> @TG1999 GH evidently won't allow me to upload my `.py` file, but here are 3 of the relevant data files I've generated. > > [conan_advisories.txt](https://github.com/nexB/univers/files/10797112/conan_advisories.txt) [conan_affected_ranges.txt](https://github.com/nexB/univers/files/10797114/conan_affected_ranges.txt) [conan_files.txt](https://github.com/nexB/univers/files/10797115/conan_files.txt) @johnmhoran thanks...
@heliocastro it looks like from the trace you need to use `--analyze-setup-py-insecurely` option. So the command would be: ``` python-inspector -r req.txt --json-pdt source.txt --analyze-setup-py-insecurely```
Added issue https://github.com/nexB/scancode-toolkit/issues/3188