From an email I sent earlier:
This is part of what we're building with the community. So Josh Bressers/Buker/myself have some generally simple/concrete ideas:
1) Data format (use OSV for now)
2) Data store (GitHub)
3) Data presentation (Josh Buker has a demo working e.g.
https://gsd-demo.gsd-experiment-1.workers.dev/identifier/GSD-2021-1002352)We'd like to see a good edit interface on the display so if you're looking at something and spot a problem/missing data you hit edit, get run through GitHub auth and submit your changes, it gets done as an issue or PR and someone else (or a bot in the future?) approves it.
We also want to work on the data format, OSV is good but incomplete for some things we need. Do we work with OSSF to extend it? Do a "branch"? Do something completely different?
Also, a request form for people that is guided and has a good flow would be nice.
We have a repo:
https://github.com/cloudsecurityalliance/gsd-project-plansand a GitHub project (still not sure if this is the way to go, but worth a try)
https://github.com/orgs/cloudsecurityalliance/projects/1And this discussion
------------------------------
Kurt Seifried
Chief Blockchain Officer and Director of Special Projects
Cloud Security Alliance
[email protected]------------------------------