[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Auditing CPE names

From: Leo Famulari
Subject: Auditing CPE names
Date: Sat, 11 Feb 2017 14:53:46 -0500
User-agent: Mutt/1.7.2 (2016-11-26)

I wonder if anyone checks the Common Platform Enumeration (CPE) names of
new packages when creating them?

It's important to name the package in accordance with the CPE or set
the cpe-name property, or else `guix lint -c cve` won't work for that

There is an example of setting the cpe-name in the package definition of
isc-dhcp, where the cpe-name is 'dhcp'.

Maybe we should audit the whole package set to find packages that appear
to not be covered by CPE.

Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]