This is my work open source project that lets you scan for known vulnerabilities in your binaries, package lists and SBOMs. It's meant to make it easier (and cheaper!) to make secure open source software.
3.3 has new features from our Google Summer of Code 2023 contributors including EPSS metrics to help users assess risks associated with vulnerabilities, a new GitHub Action to make scanning easier, and a mirror of the NVD data backed by the same servers that do Linux distro mirroring so you don't have to deal with rate limits, downtime, and servers only located in the US.
Sad to see another #hacktoberfest come to an end. I always like the opportunity to work with new contributors. This year was particularly productive with people helping with #Owncast. Thank you to all!
I absolutely love #hacktoberfest every year. I get to meet new contributors, some who are taking part in open source for the first time. Sure, there's garbage sometimes, but I find that to be in the minority. Anything that gives me the opportunity to meet new people, if only for a commit or two, is a good thing, and I'm thankful for it.
"This year marks the 10th anniversary of Hacktoberfest, and we’re calling on your support! Whether it’s your first time participating—or your tenth—it’s almost time to hack out four pristine pull/merge requests as we continue our month of support for open source."
Today in the #WindowsTerminal: I've rejected 6 spam #hacktoberfest PRs in the last week. I really thought this year would be better? I guess I was wrong. Anyone else seeing better results? #OSS
I'm really just messing around at this point, but in case anyone is interested in xcodeproj linting. My first goal is going to be a rule to check for build settings defined outside xcconfig files.
A couple of discount vouchers to some services you're never going to use, some digital "badges" which no one cares about, and the promise that they'll plant a tree for you.
I know I sound jaded and bitter. But at least a t-shirt was a tangible thing and didn't try to sign you up for a subscription.