ppkarwasz
Contributor

Many of the [CycloneDX external reference](https://cyclonedx.org/docs/1.6/json/#externalReferences_items_type) types, such as `website`, are not very interesting from a security perspective.
Since it is easier to add new types than to remove them, this PR trims down the current list to some categories that:

- Should be interesting to access on a TEA server.
- Have machine-readable formats (with a few exceptions).

Signed-off-by: Piotr P. Karwasz <piotr@github.copernik.eu>
@ppkarwasz ppkarwasz requested review from oej and madpah as code owners May 9, 2025 16:01
@ppkarwasz
Contributor Author

This list contains the kinds of documents that might be present on a TEA server. If a category is unlikely to be interesting, let us remove it. We can extend this enum at any time.

@taleodor
Contributor

taleodor commented May 9, 2025

Looks great!

@oej oej merged commit 6834354 into CycloneDX:main May 10, 2025
2 checks passed
@ppkarwasz ppkarwasz deleted the fix/artifact-types branch May 10, 2025 07:53