Alex Cameron
Alex Cameron
Does `cosign` still use `--cert`? I had a quick grep and it looks like it still does. I'll leave the judgement call to you but I tend to think that...
Whoops, I didn't get the inline asm syntax right. Fixing now...
@pgoodman Ok, I think this should do the trick.
Currently figuring out what to do about the default callable spec.
@frabert This branch is building and the JSON translation unit and header have been removed. There are a number of methods (mostly in the Protobuf translator), that I've stubbed out...
> I was messing with `scan-build make test` this morning and it was picking up a few things as well (the ConstTpl initializers were the only overlap). Should look at...
@mumbel Ok, `make check` seems to be working ok with `-fsanitize=undefined` now. Sorry for the delay, I believe this is good to go.
@athre0z Friendly ping! This is good to go from my end.
@woodruffw We could try looking for a `pyproject.toml`? But yeah, I imagine this will have to be left out of the `pip` integration.
Hey @StefanFl, I believe the example that @woodruffw posted was a response from the PyPI API [here](https://warehouse.pypa.io/api-reference/json.html#release). `pip-audit` can query for vulnerabilities from either the PyPI or OSV APIs via...