-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Opam Dependency Submission #62
Comments
Thanks for filing this issue @smorimoto . Could you elaborate more on what you mean by 'provide decent support for opam packages on GitHub'? |
@jonjanego I would like to add support to the OCaml packages like the npm packages have here. |
Hmm... Thinking about this again, it seems hard to link repositories with just the information from the purl. Another idea is that the specification of the URL of ocaml.org can be easily composited with just the information from the purl, so it would be ideal to use it? Spec
Example
|
Thanks for the suggestion @smorimoto ! At this time, adding OCaml support natively into the dependency graph functionality isn't something on our roadmap, but we'll certainly keep it in mind for the future. |
We've done a lot of work over the last few years to integrate the dependency submission API with opam, OCaml's official package manager. See this post for details: https://discuss.ocaml.org/t/ann-set-up-ocaml-analysis
The next thing I want to do is provide decent support for opam packages on GitHub.
It would be great to be able to publish vulnerabilities on GitHub and/or such as which repositories your library is used in!
The text was updated successfully, but these errors were encountered: