This is all part of playing nicer in the larger FOSS ecosystem, as is the generation of SBOMs, all items that were inspired from the fall out of Log4Shell.
Gary On Fri, Sep 30, 2022 at 6:26 AM Thomas Vandahl <[email protected]> wrote: > > Hi Gary > > > Am 28.09.2022 um 21:31 schrieb Gary Gregory <[email protected]>: > > > > A specific version of the ossf/scorecard-action is approved by Apache Infra. > > Is there any discussion I might have missed why this is required now? > > Bye, Thomas > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
