Olle E. Johansson
Olle E. Johansson
While #164 is an interesting idea that we need to explore further, this only covers the Open Source side. This is a good step forward, but we need to discuss...
Interesting. We will have to review that. Either attach it to multiple versions as a single shared artefact, which is possible or look for something else. A related question is...
So CLE is an artefact in TEA and that will work. This artefact will be connected to multiple collections. But can we steal some ENUM to indicate life-cycle state of...
From CLE: - `released` - `endOfDevelopment` - `endOfSupport` - `endOfGuaranteedSupport` - `endOfLife` - `endOfProduction` - `endOfMarketing` - `supersededBy`
They are looking into Security Status Changes - which is most important for this.
Before using the word "release" we had "version". Would that work better?
Did you check the tea-collection docs? :-)
https://github.com/CycloneDX/transparency-exchange-api/pull/126
Security.txt is a good way to be able to find the API without having to have a product ID. It's different than the "ordinary" TEA discovery based on the TEI.
From the RFC: "Designated experts should determine whether a proposed registration or update provides value to organizations and researchers using this format and makes sense in the context of industry-accepted...