Navigation

    Inedo Community Forums

    Forums
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. fabrice.mejean
    F
    • Profile
    • Following
    • Followers
    • Topics
    • Posts
    • Best
    • Groups

    fabrice.mejean

    @fabrice.mejean

    0
    Reputation
    2
    Posts
    1
    Profile views
    0
    Followers
    0
    Following
    Joined Last Online
    fabrice.mejean Follow

    Best posts made by fabrice.mejean

    This user hasn't posted anything yet.

    Latest posts made by fabrice.mejean

    • RE: Request for Creation of API for Package Auditing Before Dependency Restoration

      Hello @stevedennis ,

      Thank you very much for taking the time to respond to my request. Your proposal aligns well with my needs, but I would like to point out that it lacks the retrieval of the "package status" (PackageStatus object).

      Regarding the pgutil vulnerabilities audit command, I understand that there is a suggestion it might be redundant. However, I don't believe it would actually create a duplication, especially if it can execute more quickly and meet specific requirements.

      Additionally, I’ve noticed that there isn’t a command to check if a package has been promoted, even though the API for it exists (https://docs.inedo.com/docs/proget/api/packages/promote/promotion-query). Would it be possible to add this functionality? Also, if we could verify that the package is still present in the destination repository, that would be a significant advantage.

      Thanks again for your help!

      Best regards,

      Fabrice MEJEAN

      posted in Support
      F
      fabrice.mejean
    • Request for Creation of API for Package Auditing Before Dependency Restoration

      Hello,

      I would like to submit a request for the creation of an API dedicated to auditing packages prior to the restoration of dependencies within our software factory. Currently, we utilize Native APIs to validate the dependencies used by an application before restoration. However, this approach has certain limitations that lead us to seek a more efficient solution.

      Below are the key functionalities we would like to see implemented in this new API:

      Verification of Package Promotion:

      Currently, the existing API verifies if the package has been promoted, but it does not confirm whether the package is still present in the target. We would like a more thorough method that utilizes the package API to verify the presence of the package.

      Status of Obsolete Packages:

      There is currently only a "set package status" API, but no "get package status." We need functionality that allows us to retrieve the status of packages to identify those that are obsolete or blocked from downloading.

      Vulnerability Checks:

      We need to verify package vulnerabilities and indicate those that are blocked from downloading due to critical vulnerabilities, along with their severity ratings.
      The goal of this API would be to perform a complete audit of dependencies before the build process, preventing issues during package restoration. This would enable developers to quickly diagnose and resolve installation problems, ultimately saving them a significant amount of time.

      Additionally, I want to highlight that the current audit API requires the registration of a build to function, which is not feasible in our context, especially for builds that have not yet been initiated.

      Thank you for considering this request. I am available for any further information or to discuss the details related to this proposal.

      Best regards

      Fabrice MÉJEAN

      posted in Support
      F
      fabrice.mejean