guac
guac copied to clipboard
guacsec
GUAC aggregates software security metadata into a high fidelity graph database.
**Is your feature request related to a problem? Please describe.** Currently, subjects in SLSA are parsed as slsaEntity using just name and digest. The aim of this PR is to...
**Describe the bug** If there's a digest for the subject in an SBOM, we attach the HasSbom node to the Artifact that matches that digest. After that, we link the...
Implementing a portion of #1014, let's implement a GUAC collector for license data from [ClearlyDefined](https://clearlydefined.io/) as described in https://docs.google.com/document/d/1NmLlU5wuP2X9CK7QCWZkkOciNn1QFLKQCFCW9CEI8HQ/edit#heading=h.q8v64s9nqno This will allow GUAC users to include license-related information, which can...
# Description of the PR * Fixes #2003 * Fixes `make all` as well as `make build` * The issue with `make all` was that `grpc.Dial` was deprecated and we...
# Description of the PR This PR addresses the issue described in #1413. It is based on the changes from PR #1438. ## Reason for New PR: I do not...
**Is your feature request related to a problem? Please describe.** GUAC pulls data from deps.dev, osv.dev, and soon ClearlyDefined. With a large graph, an instance might pull a lot of...
- Move to chainguard static to have zero vuln ## With chainguard ``` grype ghcr.io/guacsec/guac:v0.0.0-local-organic-guac-arm64 ✔ Vulnerability DB [no update available] ✔ Loaded image ghcr.io/guacsec/guac:v0.0.0-local-organic-guac-arm64 ✔ Parsed image sha256:fd5bc85f4446390cfa77f606f63bfa6c6ea2fb58d7b31474322e719f31e76f27 ✔...
# Description of the PR - Fixes #1892 - Updated tests - Added a README for certifier/scorecard # PR Checklist - [ ] All commits have [a Developer Certificate of...
Bumps [github.com/getkin/kin-openapi](https://github.com/getkin/kin-openapi) from 0.123.0 to 0.126.0. Release notes Sourced from github.com/getkin/kin-openapi's releases. v0.126.0 What's Changed openapi3: document v0.124.0 breaking API changes by @percivalalb in getkin/kin-openapi#964 openapi3: introduce ReferencesComponentInRootDocument(doc *T, ref...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
**Describe the bug** Running `make all` fails with: ``` coverage: 100.0% of statements ok github.com/guacsec/guac/pkg/misc/slice 1.114s coverage: 100.0% of statements go tool cover -html=coverage.txt xargs: goimports: No such file or...
