Ben Selwyn-Smith

Results 30 issues of Ben Selwyn-Smith

The Repo Finder feature makes a best-effort attempt to find repositories for artifacts that are missing them. While the metadata used to discover these new URLs is linked...

repository_finder

Issue #428 enables use of deps.dev for finding repositories of non-Java analysis targets. For this to work, some means of finding dependencies for these other languages is needed. As Macaron...

dependencies
repository_finder

Currently, every time the Repo Finder is tasked with finding a repository it reaches out to the relevant package manager system, or similar tool, meaning at least one HTTP GET...

repository_finder

This adds the third part of the repo finding extension. Making remote calls to retrieve POMs is a costly operation that should be avoided when possible. By adding found repositories...

OCA Verified
repository_finder

The PackageURL spec includes a list of requirements for a `type` to be considered valid:

- > The package type is composed only of ASCII letters and numbers, '.', '+'...

This pull request adds a new command `find-source` that requires a PURL, and optionally accepts a repository path as input. If no repository path is provided, the command will call...

OCA Verified

Currently, provenances are only automatically discovered from npm or user-provided JFrog repositories. Some projects hosted on Maven Central also have provenance files alongside artefacts, and these can be supported...

enhancement
slsa-provenance

The Commit Finder feature of Macaron could be made available via a command line argument for cases where a user wants to find the commit for their artifact but does...

cli
commit-finder