Mohamed Chorfa

Shipped SBOM.Tools v0.1.20 🚀 This one's all about EU Cyber Resilience Act (CRA) readiness. - New cra-docs command, generates your Annex V Declaration of Conformity straight from the SBOM - Full CSAF v2.0 round-trip - Article 24 OSS steward profile for maintainers - CRA standards-drift detection in `watch` - 14 compliance levels now, including CNSA 2.0 and NIST PQC If you're staring down CRA deadlines, this should make life easier. github.com/sbom-tool/sbom…

🔐sbom-tools v0.1.19 ships a CBOM quality engine that actually grades it: - Algorithm strength + PQC readiness - OID & metadata coverage - Key/cert lifecycle hygiene sbom-tools quality --profile cbom github.com/sbom-tool/sbom…

🚀SBOM.Tools v0.1.19 is out: the first open-source CLI/TUI to score CBOM quality, not just parse crypto inventory. This release puts real weight on PQC readiness and compliance, with scoring aligned to CNSA 2.0 + NIST PQC guidance, and grade caps when there’s zero post-quantum migration. Full details: github.com/sbom-tool/sbom…

@jsuarez Super cool 😎 mlflow is so in trouble

🪄✨SBOM.Tools v0.1.18 is out This release brings a major diff engine upgrade, enrichment support across multi-SBOM commands, a full TUI refresh across all 10 tabs, and new Go + Swift bindings (thanks to @MCh0rfa). Release notes: github.com/sbom-tool/sbom…

@trq212 @hnshah Great insights! Thank you for sharing. QQ: How do you handle state consistency when multiple subagents modify shared context?

Just shipped "Shai-Hulud Scan" 🐛an educational tool to visualize and analyze the massive Shai-Hulud 2.0 supply chain attack.Check if your deps are affected instantly (runs 100% in-browser!) mchorfa.github.io/shai-hulud-scan #Cyber #SupplyChainSecurity #Dagger #DevSecOps #OSS #dagger #NPM

@AnthropicAI This is very annoying! When I am on max plan I expect not to get interrupted. #brokenUX, #brokenCX, #brokenFlow, #brokenCX, #ux #cx #ox, #ai, #flow, in fact this hindering creativity and limiting. PS: I did not even reach the max context window

Hitting a context/token limit shouldn’t break your flow. All major AI Providers—@OpenAI @AnthropicAI @GoogleAI @xai —should **auto-handoff**: warn users early, summarize work, and guide session continuation. Seamless workflows, no interruptions! #AI #UX #DX #CX

@upstash RBAC at index level? Index rehydration? Chunks parity to documents lifecycle?

Upstash Vector Features: - Low latency scalable search built on DiskANN ✅ - Live index updates ✅ - Python, Typescript, Go SDKs ✅ - True serverless with pay per request pricing ✅ - Cosine, Euclidean, Dot Product similarity functions ✅ - Metadata filtering: Coming soon! 👀 - Namespaces: Coming soon! 👀 - Index replication: Coming soon! 👀

We are thrilled to announce Upstash Vector! 🚀 Serverless Vector Database for AI and LLMs. - Fully managed - Designed and purpose built for AI and LLMs - Scale to over a billion vectors - Simple and flexible pricing that scales to zero

Hello @Azure Is there a way to verify a ml or llm model signature before instantiate or deploy it. Within the new service azure for openai. Assuming the llm model have already it's MLBoM and processed within the @sigstore ecosystem

Turbocharge your llm inference : lnkd.in/e4894AeG

Want to build the world's laziest control plane ⁉️ Yes you read that correctly...‼️ Let's see how far @ppog_penguin can push the limits of control plane laziness in his lastest blog bit.ly/3CNgKn5 #WebAssembly #Wasm #Severless

@Nightbanes Socket.dev

Does anyone have a good solution for validating 3rd party JavaScript imports to ensure they aren't malicious?

Serverless WASM. Worth paying attention to. fermyon.com/blog/wasm-wasi… ~ @fermyontech

Awesome presentation by @technosophos where we can see the new ERA of cloud computing led by @fermyontech on #HashiTalks: #Deploy Day 2 | youtu.be/hUfFN5ZsuOM

@jptoto Equivalent to software industry: "it depends 🤪"

Hello @ice_panel, any plan for on-prem deployments?

@jptoto They are attracted to nice backyards 🙌. Would be interesting if they come when then 🎃 Halloween setup is up

🎉🎉🎉 Porter v1.0.0 is out! 🎉🎉🎉 getporter.org/blog/v1-is-her… | github.com/getporter/port…