Hector Fernandez
Hector Fernandez
FYI: I'm working on this feature in case anyone else is working on a similar direction.
@asraa The idea is to get a first shareable version, so we can discuss more details or any considerations. I am making use of `sigstore/timestamp-authority`, so the timestamp is formatted...
I've seen PR checks to slow down a lot, we need to measure how much time will take. Otherwise I'll suggest to run them pos-push.
@chaospuppy lgtm, but you need to update the cli docs.
@chaospuppy Thanks for opening the issue. We don't have support for that in the attest command. I believe it makes sense to create the attestation and the payload all on...
I give it a try to the `syft attest` command and I also found the cyclonedx xml format is not supported. ``` could not produce attestation predicate for given format:...
@jdolitsky This behavior also happens to `--signature=` parameter for the attach signature command. I am not sure if it should be limited to stdin and files only. The file doesn't...
@imjasonh We got some conflicts here.
I am looking how to consume tern as a plugin, so either exposing its basic functions as grpc endpoints might be an option. Another option would be to mount it...