Comments (1)
Some thoughts on this
Change repo structure
Rename lib
directory to pkg
. This is opinionated and based on https://github.com/golang-standards/project-layout#pkg, just a suggestion.
Change API to handle primitives
As an example, ecosystems.GetPackageData
currently receives a packageurl.PackageURL
, which immediately forces consumers to add the packageurl
lib to their projects. A string
as input would probably be more convenient.
Return errors
Errors are currently mostly being swallowed, making it hard for consumers to understand when and why something unforeseen happened, and to react accordingly. An example would be the EnrichSBOM
functions, which currently have no effect if an API call fails; but they also donβt notify of such failure.
from parlay.
Related Issues (20)
- Should enrichment modify or add to the tools noted in the SBOM HOT 3
- Unable to install HOT 1
- Debug messages HOT 1
- Add a mechanism to get the version on the CLI HOT 1
- Add Snyk Advisor external reference links in the Snyk enricher
- Add Snyk Vulnerability DB external reference links in the Snyk enricher
- snyk enrich doesn't return vulnerabilities HOT 3
- operation system package don't work HOT 3
- Add support for github purl-type HOT 1
- Error when try to scan .xml SBOM HOT 1
- PURLs not resolving properly when enriching a CycloneDX SBOM with ecosyste.ms HOT 1
- Snyk enrichement returns null always
- Snyk package and enrichment command runtime error on Windows HOT 2
- Snyk enrich is looking up user info per package
- Snyk cmd missing debug output
- getSnykOrg does not error on non-200 responses
- No error message for invalid token for snyk enrich and package HOT 2
- Support for CycloneDX 1.5 HOT 1
- No information found for components with a group HOT 4
- No enrichment for nested components in CycloneDX HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from parlay.