[Bug] Fix '/supply-chain-security/compromises' 404 (with redirect) #1357
Assignees
Labels
good first issue
Good for newcomers
suggestion
New suggestion for the CNCF sig-security group that don't fall into an existing category
Comments
maltfield
added
suggestion
|
fyi, it looks like the redirect link should point to https://github.com/cncf/tag-security/tree/main/community/catalog/compromises |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This ticket is to report that one of my favoriate bookmarked links (to this repo) is now a 404
Problem
I frequently send the above link to many people, but now it gives a 404 :(
In the past many years, I've opened countless bug reports with developers (on GitHub and elsewhere) asking them to improve the security of their release process to provide a means for their users to have some protection against supply chain compromises.
Not all developers have an inherent understanding of why it's important to, for example, cryptographically sign their releases. For many, you need to point the developer to a list of historical events where supply chain compromises have actually happened in the real world. Only then will many understand the importance of supply chain security.
Solution
Unfortunately, all these old tickets that I've created that link to this repo are now broken. Note that many of these tickets are still open/pending tasks, so I think it's important that the information is still available.
I don't know where the
supply-chain-security/compromiseslist has been moved, but I don't think a solution to this ticket is to tell me where it now lives.The solution to this ticket is to recreate the file
supply-chain-security/compromisesat HEAD with a message that inclues a link to the new location of thesupply-chain-security/compromiseslist.The text was updated successfully, but these errors were encountered: