Trong Nhan Mai

In Macaron, we use [Cuelang](https://cuelang.org/) to enforce certain requirements on the provenance content of the analysis component. For example, let's say we have a [Witness provenance](https://witness.dev/) that contain an attestation...

Incorrect invocation.configSource.uri value for inferred provenance value.

2

# How to replicate Run this command: ```bash macaron analyze -rp https://github.com/ben-manes/caffeine.git --skip-deps ``` Because this repository doesn't have a provenance that Macaron can detect, Macaron put an inferred provenance...

According to the comments in https://github.com/oracle/macaron/pull/254 - https://github.com/oracle/macaron/pull/254#issuecomment-1947688052 - https://github.com/oracle/macaron/pull/254#issuecomment-1947761509 The current state of the `Registry` class is not desirable. This Github issue is created to track the work for...

The description for dependencies status in the HTML is ambiguous.

2

# How to reproduce the issue ```shell macaron analyze -rp https://github.com/apache/maven -sbom test_sbom.json ``` with the content of `test_sbom.json` as follows: [test_sbom.json](https://github.com/oracle/macaron/files/13234713/test_sbom.json)  In the example above, the dependency component...

**Description** Scenario: - The main target software component (via `-rp` or `--purl`) is available but its repository is not available - An SBOM is available (via `-sbom`) Macaron should try...

Re-design the representation of an analysis target in Macaron

1

Previously, an analysis target in Macaron is represented in the [`Configuration`](https://github.com/oracle/macaron/blob/2d6871fc5d281f71e05e9f3f7ebea6ee84c3bdc1/src/macaron/config/target_config.py#L20-L21) class. Each instance of this class contains the necessary information for Macaron to run the analysis on a target:...

Discussion on how to handle --config-path option of the analyze command after pull-request 401

2

As part of https://github.com/oracle/macaron/pull/401, the `--config-path` CLI option of Macaron has been agreed that it is not important for Macaron _at the moment_ because of the following reasons: - In...

Blocking issues: https://github.com/oracle-samples/macaron/issues/190 https://github.com/oracle-samples/macaron/issues/255

Reflect the errors of report generating

3

**Description** At the moment, all of our Reporter [here](https://github.com/oracle-samples/macaron/blob/b009eb0496d3dec1c39d5972b3c1d8622634e831/src/macaron/output_reporter/reporter.py) does not return anything even when errors happen while generating the reports. Therefore, it's better for us to return the error...

chore: return the runner back to runner queue on check exception

1

Similar to https://github.com/oracle/macaron/pull/216 . But in https://github.com/oracle/macaron/pull/216 I missed one case, which is addressed in this PR.