Dimitri John Ledkov

unlike structured packaging languages (python wheels, rust cargo crates and cargo auditable, npm modules, go binaries with go buildinfo) there isn't anything like this for c/c++. however you are in...

Once this is in wolfictl, we will be able to eliminate ``` $ git grep SOURCE_DATE_EPOCH *.yaml | grep 3155 | wc -l 48 ``` At least that many lines...

> I do think we conflate runtime and build-time dependencies a bit when constructing the graph yes that is happening. it seems like a single set of packages and directions...

> > One doesn't need to order (all runtime deps) + (all build time deps). only only needs to order (build time deps) versus older ones. > > This is...

Checking symbols tables will not help if they are stripped. Also libgcc might only be needed when pthreads is dlopened.... Or when one statically links DL calls that call out...

likely gcc.yaml upgrade needs to land first; before we can complete presubmit build here.

Typo in PR title & the commit message. Note I think I can also observe similar on Linux...... when running HARNESS_JOBS set to `nproc` and the machine for tests getting...

core20 is built from ubuntu packages ``` $ zcat /snap/core20/current/usr/share/doc/openssl/changelog.Debian.gz | grep -e 2022-1292 -e 2023-0464 -e 2022-4450 - debian/patches/CVE-2023-0464-1.patch: limit the number of nodes created - debian/patches/CVE-2023-0464-2.patch: add test...

@vorlonofportland please redirect this to snapd/security/scanners team

> > @vorlonofportland please redirect this to snapd/security/scanners team > > I'm unclear what you are asking to have redirected. This is a report from a third-party scanner giving inaccurate...