Paul Horton
Paul Horton
The likely cause is that the OSV response schema has changed since this utility was written. Contributions welcome to move this forward @Lokomofeilov @tdhammer @marcelstoer
FYI @oej
@vpetersson - any reason you have chosen not to use an existing GitHub Action for this? - https://github.com/DavidAnson/markdownlint-cli2-action - https://github.com/super-linter/super-linter
Thanks for taking the time to share this @szabgab. A single dot in a `requirements.txt` can be used when dependencies are defined in another place (e.g. `setup.py` in the example...
This seems like a sane thing to do - inline with https://github.com/CycloneDX/transparency-exchange-api/tree/main/discovery#tei-resolution-using-dns.
For `security.txt` agree we need to define the complete URL to the TEA API Service. For `/.well-known/tei` I'd have thought an appropriate HTTP 30x redirect to the TEA API Service...
@weichslgartner / @italvi - can either of you share the generated SBOM which is generating this warning?
Let's be clear: a TEI is the entire URN - `urn:tei:cyclonedx.org:SHA256:fd44efd601f651c8865acf0dfeacb0df19a2b50ec69ead0262096fd2f67197b9` So the `product-identifier` in question would be `fd44efd601f651c8865acf0dfeacb0df19a2b50ec69ead0262096fd2f67197b9` For the `GET /product`, from a Consumers perspective, they can easily...
So IMO, we have 3 options: 1. `GET /product?product-identifier=` 2. `GET /product?type=&product-identifier=` 3. `GET /product?tei=`
@oej - should we discuss the terminology used here in relation to Barcodes?