In the past I've worked on a set of scripts to identify potential for improvement of the supply chain within our build service. For now RPM files can be scanned for unused signature files that are available upstream and look for potentially unused https:// links, although they are available.

These scripts work on a prototype-basis, but there is a lot of follow-up work to do, e.g.:

  • Re-structuring and tidying up the source
  • Improve the API of the libraries
  • Implement advanced features (look through all of the existing # TODO comments)
  • Add test cases to make scripts and libraries more robust
  • Move from GitHub to internal GitLab instance
  • Implement robust continuous integration
  • Create script that will scan through the (Factory) source tree on a regular basis

Looking for hackers with the skills:

programming python security coding ci infrastructure script

This project is part of:

Hack Week 17

Activity

  • about 3 years ago: isaacschwartzman left this project.
  • about 3 years ago: isaacschwartzman started this project.
  • over 4 years ago: kbabioch liked this project.
  • over 4 years ago: kbabioch added keyword "script" to this project.
  • over 4 years ago: kbabioch added keyword "python" to this project.
  • over 4 years ago: kbabioch added keyword "security" to this project.
  • over 4 years ago: kbabioch added keyword "coding" to this project.
  • over 4 years ago: kbabioch added keyword "ci" to this project.
  • over 4 years ago: kbabioch added keyword "infrastructure" to this project.
  • over 4 years ago: kbabioch added keyword "programming" to this project.
  • over 4 years ago: kbabioch originated this project.

  • Comments

    Be the first to comment!

    Similar Projects

    openSUSE on Fairphone by FridayKetchup

    I am curious if we can run openSUSE or another ...


    Testing and adding GNU/Linux distributions on Uyuni by juliogonzalezgil

    Join the Gitter channel! [https://gitter.im/uy...


    web-based testing tracker for aquarist-labs's s3gw by jluis

    [comment]: # (Please use the project descriptio...


    OMEMO Hexchat plugin by dknorr

    [comment]: # (Please use the project descriptio...


    Video For Linux 2 Camera monitor, frame capture, day/night exposure control and timelapse generator in python by dmair

    Use the V4L2 API in a PySide qt6.3 application ...


    Rewrite libkdumpfile Python binding using CFFI by ptesarik

    Project Description

    The [libkdumpfile](ht...


    Learn more about Application Security (AppSec) Open Source Tools and Testing Techniques by heidi.bronson

    [comment]: # (Please use the project descriptio...


    Kanidm - Modern Opensource Identity Management by firstyear

    Project Description

    Kanidm is a identity ma...


    FIDO2 emulation by mkoutny

    [comment]: # (Please use the project descriptio...


    Explore Crev as collaborative code audit by pperego

    Project Description

    Crev [1] is a collabo...


    rust security reviews and cargo-crev by jzerebecki

    [comment]: # (Please use the project descriptio...


    openSUSE build supported by SUSE IT by vgrinco

    Project Description

    SUSE IT needs help fr...