csaf-poc/csaf_distribution: repo moved #905
Assignees
Labels
dependencies
Pull requests that update a dependency file
no-stale
Denotes an issue or PR that should be preserved from going stale.
Comments
12 tasks
|
@tschmidtb51 Thanks for highlighting this migration! As you mentioned, this is a indirect dependency for us. I noticed that this issue is already being tracked in Trivy, so we will wait for the dependency bump in that repository. |
|
Hi @paralta , could you please assign to me? Thanks! |
|
@thiha-min-thant thanks for your interest in contributing! We have a bot to manage our dependencies, which should be enough to cover this. However, if there are some breaking changes in the Trivy update, we need to fix those manually. Please feel free to assign yourself to this issue if you want to cover any fixes required 😄 |
ramizpolic
added
dependencies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For your awareness:
As the tools are not a PoC (even since the first release), the long overdue change was conducted: The repo https://github.com/csaf-poc/csaf_distribution moved to https://github.com/gocsaf/csaf. The old URL can still be used for a couple month before it is sunsetted for security reasons.
Also, the license changed from MIT to Apache 2.0 (on the main branch, there is no new release yet).
Currently, that is mentioned in
openclarity/.licensei.toml
Line 38 in 1ff758a
I guess that this is imported through Trivy so there is the possibility that you might not need to change anything.
The text was updated successfully, but these errors were encountered: