Why has Frappe stopped prompting update logs or change notifications for non-programming users in the system, leaving them unable to easily identify what’s been fixed or added in updates? How can we enhance user experience and transparency in software updates for all users?
We have something better planned: https://github.com/frappe/frappe/pull/21014
In meantime release notes are present here:
Putting the question the other way round:
Is there an easy (read: automated) way to get the complete “Frappe BOM” in order to automate supply chain verification, e.g. against NVE, CVEdatails, exploitdb, advisories from Ubuntu and other entities, etc.?
@ankush BTW, are Frappe engineers aware of OSCP? I asked some and they weren’t aware it exists, if nobody from your team is, please research it. From my perspective, it might be a good idea to get at least 1 or 2 of your engineers certified (this would probably be a medium term thing).
Maybe it’s not necessary after all, also I don’t know enough about your academic software curricula and individual backgrounds, but not being aware of it looks like an IT landscape awareness sharing opportunity to me. Best!