Marco Pignati
-
Posts
9 -
Joined
-
Last visited
Posts posted by Marco Pignati
-
-
Hi, from a forum discussion on LAVA, it seems that VIPM does not provide authenticity verification of the packages we install. In my opinion this is something worrying.
It will not be easy to defend (read: get approval for) the cybersecurity and integrity of software built by LabVIEW leveraging such libraries (therefore, in the large majority of the cases, by using VIPM as package manager). Is this something that is on the roadmap or it is already available and I am not aware of it?
Thanks!
-
Hello, in other programming languages there are ways to track vulnerabilities of the packages that are used in one's source code. This is done via CVE lists.
Also in the case of LabVIEW, for example, cybersecurity vulnerabilities are published in such CVE lists, so that users can get notified and decide to patch it or not.
What we miss, in my opinion, is a similar tool for all the packages we install via VIPM. If those packages, as of today, are affected by a vulnerabilities, there is no way to know (in my knowledge).
It would be useful if, for the packages accessible via VIPM, such a CVE list is generated and maintained. Any user, would then track the packages he has installed and patch them when a soon as a fix is released.
-
Hello, currently the VIPM API can only be installed on Windows. It would be really nice if we could use it in Linux for our CI
Thanks
- 2
-
Actually the title is misleading (I did not create it). I do not have issue in mac (I do not own one). I have issues when installing in some packages in Linux.
If I during the build of the package (done in Windows) I build the pacakge with support for Windows and Linux flags it DOES NOT install in Linux using VIPM 2022 beta.
If I during the build of the package (done in Windows) I build the pacakge with support for Windows, Linux AND mac it DOES install in Linux using VIPM 2022 beta.
-
The error was present when the package was built for Windows and Linux only. For test, we rebuilt it for all OSes and now it is installed properly. Maybe an issue in detecting the OS?
-
Hello. Thanks for this. It works well for the large majority of the packages. I installed many. For 2 of them I get error 5000 that does not say much to me.
Any idea?
-
-
Hello, as we are moving to LV for Linux 2020, is there an ETA for having VIPM 2020?
I am currently using the workaround above of manually copying the packages from Windows to Linux but it is not easy to maintain.
feature suggestion : VIPM API for Linux
in VIPM Idea Exchange
Posted
Same here! very useful to setup CI for example!