chainloop
chainloop copied to clipboard
chainloop-dev
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
Can the policy engine handle non json/yaml file types? Should we include a transformation pipeline?
When using auto-discovery for material type, when the material type is not dns-1123 compliant, so contains characters others than lowercase letters, numbers, and hyphens and error is thrown hiding the...
Rename and expose foreign_keys in memberships to make them available during queries
to be able to know what limitations the API token has i.e project. This can be maybe done in the org describe command
when you run a command in the CLI in debug mode, we might want to make sure we tell you information about what API endpoint is hitting, what hostnames, what...
``` --- FAIL: TestReferrerIntegration/TestExtractAndPersistsConcurrency (2.93s) referrer_integration_test.go:163: Error Trace: /home/runner/work/chainloop/chainloop/app/controlplane/pkg/biz/referrer_integration_test.go:163 /opt/hostedtoolcache/go/1.24.4/x64/src/runtime/asm_amd64.s:1700 Error: Received unexpected error: saving referrers: failed to create referrer relationship: add m2m edge for table referrer_references: ERROR: deadlock detected...
Currently, when we perform attestation push, we upload the whole recorded attestation, which can cause hit the max payload [limit of 10MB](https://github.com/chainloop-dev/chainloop/blob/526833fe634cf87aa1fe63ec74126c6f62e0ef4f/deployment/chainloop/values.yaml#L529) One way to not to run into this...
Currently, attestations are stored both in DB and in the CAS. This causes the DB usage to grow, especially now that we also store policy evaluations, etc in them. One...
Metadata
Owner
Metadata
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.