The OpenSSF VEX blog posting is accessible in the LinkedIn SBOM SIG implementers community, along with my comments regarding the curl comment.
"* Reducing False Positives: Microsoft reports that common vulnerabilities in libraries like curl generate hundreds of unnecessary support tickets. VEX could stop those calls before they happen." https://www.linkedin.com/groups/13274064/ Thanks, Dick Brooks Active Member of the CISA Critical Manufacturing Sector, Sector Coordinating Council - A Public-Private Partnership Lifetime IEEE Member <https://reliableenergyanalytics.com/products> Never trust software, always verify and report! T Risk always exists, but trust must be earned and awarded.T <https://businesscyberguardian.com/> https://businesscyberguardian.com/ Email: [email protected] Tel: +1 978-696-1788
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-users Etiquette: https://curl.se/mail/etiquette.html
