alpha-omega issues

complete implementation of dynamic.py

1

complete implementation of dynamic.py - need requirements of functionality for methods _Originally posted by @Cyber-JiuJiteria in https://github.com/ossf/alpha-omega/pull/31#discussion_r1039890663_

Cyber-JiuJiteria

Expand export to support other package types

This code exists to import (en masse) results generated by the Analyzer, stored in a blob store. But any type of package can be used (not just npm). I think...

Cyber-JiuJiteria

Add additional metrics to triage portal home page view

Additional metrics: - resolved findings? - updated findings? (say a finding was patched, but showed up again in a later report) _Originally posted by @Cyber-JiuJiteria in https://github.com/ossf/alpha-omega/pull/55#discussion_r1043831829_

scovetta

implement get_intermediate_files() from azure storage

get_intermediate_files() to be implemented. Issue Created _Originally posted by @Cyber-JiuJiteria in https://github.com/ossf/alpha-omega/pull/55#discussion_r1043799833_

Cyber-JiuJiteria

Add validation based on Microsoft Naming Referencing containers guide on blobs

todo for validation on blobs Add validation based on https://docs.microsoft.com/en-us/rest/api/storageservices/naming-and-referencing-containers--blobs--and-metadata _Originally posted by @Cyber-JiuJiteria in https://github.com/ossf/alpha-omega/pull/55#discussion_r1043786252_

Cyber-JiuJiteria

We should probably use the format we defined in ossf/security-reviews. Maybe even change this to require that. There is a validator over in that repo we can use.

Manual reviews should follow the format from ossf/security-reviews and not just totally freeform. We should probably use the format we defined in ossf/security-reviews. Maybe even change this to require that....

scovetta

Consider adding additional information to logs (like local username).

Rationale: When processing logs, without a username or something similar, it may be hard to trace back to what happened. For now, it's intended to be run locally, so we...

scovetta

Implement BaseEvidence

1

to be implemented - requires definition of BaseEvidence requirements _Originally posted by @Cyber-JiuJiteria in https://github.com/ossf/alpha-omega/pull/31#discussion_r1039866459_

Cyber-JiuJiteria

Generic Cloud storage design for support of other providers

Ensure storage design is generic enough to allow easy support for other cloud providers storage products, i.e., Google, AWS.... _Originally posted by @Cyber-JiuJiteria in https://github.com/ossf/alpha-omega/pull/31#discussion_r1039905894_

Cyber-JiuJiteria

Complete design and implementation of assertion subject

to be implemented.- needs requirements and understanding of use cases / functionality _Originally posted by @Cyber-JiuJiteria in https://github.com/ossf/alpha-omega/pull/31#discussion_r1039898675_

Cyber-JiuJiteria

alpha-omega
alpha-omega copied to clipboard

Metadata

complete implementation of dynamic.py

Expand export to support other package types

Add additional metrics to triage portal home page view

implement get_intermediate_files() from azure storage

Add validation based on Microsoft Naming Referencing containers guide on blobs

We should probably use the format we defined in ossf/security-reviews. Maybe even change this to require that. There is a validator over in that repo we can use.

Consider adding additional information to logs (like local username).

Implement BaseEvidence

Generic Cloud storage design for support of other providers

Complete design and implementation of assertion subject

← Metadata

Owner

Metadata

alpha-omega alpha-omega copied to clipboard

Metadata

← Metadata

Owner

Metadata

alpha-omega
alpha-omega copied to clipboard