minder
minder copied to clipboard
stacklok
Software Supply Chain Security Platform
To provide an ability for an end-user to force the auto-registration of repositories, we want to extend at the very minimum the `repo register` CLI to provide an `--all` switch:...
In order to trigger repository reconciliation to either cover the case where we miss a webhook or after the initial enablement of the auto-enrollment we need a way to tell...
To enable configuring auto-registration of entities (repositories for a start) we need to extend the configuration of the GitHub App provider which is currently quite bare-bones: ``` message GitHubAppProviderConfig {...
This is a follow-up to issue #3263. In addition to storing the provider configuration on provider creation we'll also want to patch the provider configuration after the fact. We might...
Currently when we only support a single GitHub instance, it's probably not bad to use a single webhook secret to HMAC the messages sent by GH to our webhook handler...
### Describe the issue See this closed PR: https://github.com/stacklok/minder/pull/3219 This will trigger if more than one repo with the same name but with different providers exist in the same project....
The long-term goal is to allow users to run: ``` minder project role grant -r editor -s github:evankanderson ``` for a project, rather than: ``` minder project role grant -r...
It would be nice if it could also block like the OSV evaluator
### Describe the issue I noticed that in the /api/v1/user endpoint, the projects are returned with the same type as they are returned elsewhere (in the generated sdk it's called...
Depends on https://github.com/stacklok/minder/issues/3173, because without it, users may end up with no projects and no way to create a new project. We currently block the deletion of top-level projects, projects...
