Batuhan Apaydın
Batuhan Apaydın
yeah, SGTM, we (w/@dentrax) can make it happen if you all agree on this `attach` command. We can start working on it ASAP. Let me summarize the steps that we...
Hi folk, as @samj1912 said, syft is now capable of uploading SBOM in form of in-toto attestation format to the registries, also, there is another option like "cosign attach", but...
kindly ping
Great, thanks for your interest 🤗I'll take a look at it ASAP
would you mind assigning it to us, then we can start to work on it 🤩
cc: @dentrax @f9n @necatican
cc: @dentrax @sozercan
> My understanding is that you want a way to mutate only the main container for a Pod, but not other containers that may be injected by sidecars later. Your...
IMHO, an `--sbom` flag should cover all the things and can accept both spdx, and cyclonedx as a value. So, the command will look like the following: ```shell $ nerdctl...
We don't have to use syft as an executable way, I've recently asked @wagoodman to give us an example of how to use syft as a Go module, thanks to...