-
Notifications
You must be signed in to change notification settings - Fork 178
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clearly defined certifier #2035
Conversation
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
…ill need to be added Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
…gestion error Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
Signed-off-by: pxp928 <[email protected]>
…alues ingestor is run as a service Signed-off-by: pxp928 <[email protected]>
397d932
to
e182ed5
Compare
Signed-off-by: pxp928 <[email protected]>
FYI @nickvidal |
Signed-off-by: pxp928 <[email protected]>
A few things (not blocking this pr)
I'm excited to test this out with real data! |
Thank you @pxp928 and @jeffmendoza! |
@jeffmendoza wrt NOASSERTION, you might be interested in this recent development: https://opensource.org/blog/beyond-spdx-expanding-licenses-identified-by-clearlydefined |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you!
@@ -88,7 +90,7 @@ var ociCmd = &cobra.Command{ | |||
// Set emit function to go through the entire pipeline | |||
emit := func(d *processor.Document) error { | |||
totalNum += 1 | |||
err := ingestor.Ingest(ctx, d, opts.graphqlEndpoint, transport, csubClient, opts.queryVulnOnIngestion) | |||
err := ingestor.Ingest(ctx, d, opts.graphqlEndpoint, transport, csubClient, opts.queryVulnOnIngestion, opts.queryLicenseOnIngestion) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm seeing this pattern repeated throughout of adding booleans for some behavior changes. Would this be a good time to change the function signature to take opts as a single parameter instead of each bool separately?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes great point. We can clean this up in a future pr
mp string // message provider name (sqs or kafka, will default to kafka) | ||
mpEndpoint string // endpoint for the message provider (only for polling behaviour) | ||
poll bool // polling or non-polling behaviour? (defaults to non-polling) | ||
graphqlEndpoint string // endpoint for the graphql server |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder if we could contain some of the fields below as a separate struct that's used across all different cmds to have a SSoT
@@ -0,0 +1,156 @@ | |||
// | |||
// Copyright 2022 The GUAC Authors. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we care about copyright years? (I see some here are 2024, some are 2022)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ah, I thought I caught this...can be fixed in another PR.
Description of the PR
closes #1964
PR Checklist
-s
flag togit commit
.make generate
has been runmake generate
has been runmake generate
has been runcollectsub
protobuf has been changed,make proto
has been run