Hi Developers!
First of all, thank you for all the committers that have took action and already prepared the Trufflehog update accordingly to the issues open in their respective repositories
😊
However… There are still many issues opened and waiting to be resolved by their responsible committers:
As you know we are all as committers responsible for the security of Tractus-X.
If the repositories have no assigned committer or are not maintained at all we will start discussing on deprecating them for the sake of maintaining the security of Tractus-X.
Just as reminder the Trufflehog Workflow is a active TRG since March 26,2024:
TRG 8.03 ->
https://eclipse-tractusx.github.io/docs/release/trg-8/trg-8-03
Here is the list of products with open issues, we require your attention and action:
In two weeks more or less (start of November) I will request the uninstallation from the Github Org Account:
https://github.com/eclipse-tractusx/sig-security/issues/88
So please take action now, security is a responsibility from us all,
Lets talk about it in the office hour, there you can also ask us the questions that you have
😉
Kind Regards,

Mathias Brunkow Moser
|
Lead Consultant
Software Engineering
| Software Architecture
| Cybersecurity
CGI Deutschland B.V. & Co. KG |
Catena-X
70467 Stuttgart | Leitzstraße, 45 | Germany
M: + 49 1525 6723056
mathias.brunkowmoser@xxxxxxx
|
LinkedIn
|
www.cgi.com/de

Follow CGI at:
Xing
| LinkedIn
| Twitter
| Facebook
|
Instagram
CGI Deutschland B.V. KG, Leinfelder Straße 60, 70771 Leinfelden-Echterdingen | Amtsgericht Stuttgart HRA 732235, Steuernummer: 97113/29861, Umsatzsteuer-Identifikationsnummer
gemäß § 27 UStG: DE 114118368 | Persönlich haftender Gesellschafter: CGI General Partner B.V., Rotterdam, Niederlande, KvK-Nr. 74017632 Geschäftsführer: Torsten Straß, Thomas Roth, Volker Katz, Francois Boulanger
Unsere Pflichtangaben gemäß § 35a GmbHG / §§ 161, 125a HGB finden Sie unter
de.cgi.com/pflichtangaben
CONFIDENTIALITY NOTICE: Proprietary/Confidential Information belonging to CGI Group Inc. and its affiliates may be contained in this message.
If you are not a recipient indicated or intended in this message (or responsible for delivery of this message to such person), or you think for any reason that this message may have been addressed to you in error, you may not use or copy or deliver this message
to anyone else. In such case, you should destroy this message and are asked to notify the sender by reply e-mail.