minder
minder copied to clipboard
stacklok
Software Supply Chain Security Platform
Currently, we allow the creation of sub-projects, projects that are children of another project. This issue tracks creating top-level projects, projects without a parent project. We can repurpose the existing...
Apparently found during smoke testing
### Please describe the enhancement Per recent discussion on providers, add an external ID to artifacts and repositories. This will be an opaque identifier which the providers will use to...
The current pattern followed by our CLIs is as follows: https://github.com/stacklok/minder/blob/17412a2b32338d4b7ac2b234efee3124e565f20d/internal/config/common.go#L84-L95 The default value of the flag is hardcoded. A better pattern would be to query the viper store for...
This is an edge case. **Describe the bug** When a user deletes their account using the browser (ie not using the minder CLI) and a few minutes later re-registers using...
**Details:** * This issue is about supporting an artifact that was signed with cosign using a local key pair. * Note that when signing with a key pair there's no...
Ensure/implement that Minder has support for provenance information stored in an OCI registry that uses the bundle format (currently it's only `simplesigning`). References: - https://github.com/sigstore/protobuf-specs/blob/b46b842040854ceab8f3a42547ae6e991793d0ef/protos/sigstore_bundle.proto#L111
**Overview:** I want the workflow that built my artifact: - to use only a set of actions that I have allowed to be used - to have their permissions explicitly...