Hackers' Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

Miro Hrončok @hroncok@floss.social

12/17/2025, 4:56:56 PM

Public

So I heard you like #SBOM, so I put SBOM into the #Python wheels in #Fedora RPMs, so when you unwheel the wheels, you get the SBOM.

If your Python virtual environment was created on Fedora, your #security scanner can recognize #CVE fixes in patched pip (or setuptolos) within.

The question, however, is: What to do with this now :D

https://developers.redhat.com/articles/2025/12/15/how-reduce-false-positives-security-scans

Anyway, security scanner people, please reach out.

Featured image for: micropipenv: Installing Python dependencies in containerized applications.

How to reduce false positives in security scans | Red Hat Developer

Learn about Fedora Rawhide testing a solution that embeds SBOM metadata directly into Python wheels, allowing scanners to recognize backported security fixes

developers.redhat.com · Red Hat Developer

If you have a fediverse account, you can quote this note from your own instance. Search https://floss.social/users/hroncok/statuses/115735961074998764 on your instance and quote it. (Note that quoting is not supported in Mastodon.)