Jason Shepherd
Works well on MacOSX and Linux. Need to test on Windows. A couple of tests fail for me on JDK 8 < 72: BeanShell1: Caused by: java.io.IOException: Cannot run program...
When a document has packages with package external references, those are not written by the jsonyamlxml writer. Compare that behaviour with the [tagvaluewriter](https://github.com/spdx/tools-python/blob/2f4225c5a2eb2d1ee577c53b3b6075c91b0981c1/spdx/writers/tagvalue.py#L272).
Sometimes later versions of containers in a repository can use versions which are lower than previous versions when compared using RPM schematics. For example the container repository `registry.redhat.io/openshift-logging/eventrouter-rhel8` uses floating...
The current launcher-backend Fabric8OpenshiftShiftServiceImpl always trusts the certificate is signed by a trusted CA. This should be verified against the Java trust store certificates, or a different trust store before...
The Log4J developers prior to CVE-2021-44228 allowed users to load arbitrary variables (and code) from a remote JNDI server using the logging templates. This example comes from the patch for...
Uses the Python string format to demonstrate the [Format Strings and Templates](https://github.com/ossf/secure-sw-dev-fundamentals/blob/main/secure_software_development_fundamentals.md#format-strings-and-templates) section of the course. This example came from [Be Careful with Python's New-Style String Format](https://lucumr.pocoo.org/2016/12/29/careful-with-str-format/) by Armin Ronacher...