guac
guac copied to clipboard
guacsec
GUAC aggregates software security metadata into a high fidelity graph database.
**Describe the bug** in-toto-golang is being deprecated. We need to move the guesser, processor, certifier and parsers to use the new in-toto attestation statement headers. Some of that work was...
# Description of the PR Fixes #2037 # PR Checklist - [x] All commits have [a Developer Certificate of Origin (DCO)](https://wiki.linuxfoundation.org/dco) -- they are generated using `-s` flag to `git...
# Description of the PR This PR introduces a new flag, `add-vuln-metadata`, that enables the collection of severity information for CVEs directly from the OSV API. When this flag is...
# Description of the PR ``` certVulnConn, err := b.client.CertifyVuln.Query(). Where(certifyvuln.Or(predicates...)). WithVulnerability(func(query *ent.VulnerabilityIDQuery) {}). WithPackage(func(q *ent.PackageVersionQuery) { q.WithName(func(q *ent.PackageNameQuery) {}) }).All(ctx) ``` Add check to see if `predicates` is not...
# Description of the PR * First Part of PR https://github.com/guacsec/guac/pull/2089 * Updating the GraphQL testing code # PR Checklist - [ ] All commits have [a Developer Certificate of...
# Description of the PR This is my attempt at progressing #1279 cc @ridhoq I think this feature is still one we want to add long-term Partial fix for #298,...
# Description of the PR Fixes #2240 Some notes: - I intended to restrict this PR to refactoring only instead of altering functionality, so if there is any change to...
# Description of the PR Splitting out #2243 into two PRs, this one being the more aspirational change because it attempts to refactor more of the CLI towards modularity. Some...
# Description of the PR Fixes #298 FYI: this branch is rebased onto #2185 so that will need to be merged before this one. I think this is the correct...
# Description of the PR * Second Part of https://github.com/guacsec/guac/pull/2089 * All the OpenAPI Spec changes have been included * The `/query/dependencies` is no longer going to be used, instead,...