Ben Selwyn-Smith
Ben Selwyn-Smith
This PR adds a new table `RepoFinderMetadata` that exists to record the various possible outcomes of the Repo Finder and Commit Finder. Possible outcomes include successes as well as all...
## Summary This PR adds discovery of PyPI attestation. URLs to these attestation files are sought via the deps.dev API. ## Description of changes - `DepsDevRepoFinder` was updated to use...
This PR adds support for GitHub attestation discovery. To access GitHub attestations, the SHA256 hash of the repositories artefacts must be generated and submitted via the API. Artefacts may be...
This PR adds provenance asset info to the database alongside the provenance it identifies. This was previously removed during refactoring. Closes #819
## Summary This PR adds a new command line argument for passing local artefacts to Macaron. These artefacts can be used in places where they would otherwise be downloaded. Primarily...
Attestation files provided by the user in the command line are not checked for their verified status. Currently, Macaron relies on the information provided by third party services such as...
The current check provides some useful information for the user, including repository star count and forks; however, this check could be improved so that it can be the main source...
## Summary This PR adds a new pre-commit hook that checks the grammar/formatting of Python comments. ## Description of changes The script attempts to correct comments so that they start...
As part of the analysis process regarding attestation files, data received from the various possible sources is stored into a temporary file before being analysed. This functionality was originally created...
Tags found in the `packed-refs` file that can be created by the Git command `git pack-refs` do not have to be UTF8 encoded. In these cases, GitPython fails to read...