TheAssassin

I think this is a usage issue rather than a Docker or appimagetool issue. If you need a way to build an AppImage allowing you to configure the build with...

I agree with most of what you write. I've been telling the same for years. But these things take time and require a lot of effort. I've spent a lot...

> The reason I suggest sbom in a recognized format (in contrast to urls in a bash script) is that it allows you to query a vulnerability db. Nothing to...

This is a horrible idea that should be rejected immediately.

Every AppImage author will just suppress and/or ignore this, since it completely ignores the circumstances. The tool is unaware of the situation, it may be totally okay to, e.g., just...

I'm not willing to seriously continue this discussion. It's a bad idea, and your reply shows that your intentions are bad (blocking in CI to coerce users into silly and...

No, the opposite is true, we must *not*. This entire idea makes so many false assumptions, I don't even know where to start.

Fair enough @shoogle. > How can we entirely prevent situations like https://github.com/AppImage/appimage.github.io/pull/2967? Again, these checks are completely arbitrary, do not have the backing of anyone but you, and are completely...

I'm aware of that technique, see e.g., https://github.com/linuxdeploy/linuxdeploy-plugin-appimage/blob/8fce62d23abf436aee47b98c0ee50422a4ea7cef/ci/build-appimage.sh#L56-L58. We've done that in some tools before already. I wouldn't even go so far to bundling it. And appimagelint doesn't, like, fail...

You should really add more information to your issues. No description at all = not going to be worked at. What is the target audience? Are there actual computers, SBCs...