Cosmin Cojocar
Cosmin Cojocar
@dependabot rebase
@dependabot rebase
/test pull-security-profiles-operator-build
This is a good addition. I was also thinking about a rule to detect this conversions which can lead to overflows.
Thanks @audunmo for your feedback! I am looking forward to your future contributions.
Some inspiration can be drawn from https://github.com/google/capslock/blob/93953b672cdc791b08abd786365581c53a4458c7/analyzer/util.go#L194, which builds a call graph of all the packages in the program with the aim to search paths to the standard library calls...
I am not sure if skipping the signing is a good idea. I think you need to allow `https://oauth2.sigstore.dev` domain. Maybe making the OIDC provider configurable.