-
By Luis on SPDX mailing list:
There is one command line combination "sbomqs score -b" which is very
handy to include in batch processing. Under GNU/Linux,
I can capture its output with result=$(s…
-
### Current Behavior
The age of the BOM has no impact on the risk score.
### Proposed Behavior
It should be possible to provide a sliding scale in the settings on how the BOM age impacts the risk s…
-
### Comment moved from Project Lifecycle Document Section 3. Stages - Definitions & Expectations - Impact Stage - Acceptance Criteria
To graduate from the Incubation or Growth Stages, or for a new pr…
-
Subscribe to this issue and stay notified about new [daily trending repos in C#](https://github.com/trending/c%23?since=daily).
-
Hello,
I have created a project with a dependency on the following NuGet package:
NUnit3TestAdapter 4.3.1
After restore and build I observed that the created `project.assets.json` file does not con…
-
* Related #3550
# cve-bin-tool: Product Mapping using PURLs
## Project description
CVE Binary Tool needs to identify components in order to scan for vulnerabilities, but uniquely identifying …
-
Hi,
I did a comparison between the glossary of the tooling landscape (TL) and the terminology around tooling of the OpenChain project (OC). I propose the following changes in the glossary (I can to t…
-
**Describe the bug**
When the SBOM JSON file is generated from Blackduck, ingestion fails for it
**To Reproduce**
generated SBOM from Blackduck and then tried to ingest in the guac using the belo…
-
**Is your feature request related to a problem? Please describe.**
Recent zero-day vulnerabilities and the resultant WH executive order regarding cybersecurity are making sbom generation an increasin…
-
Container image ghcr.io/interlynk-io/sbomqs doesn't run in a GitLab CI/CD job. It doesn't meet the minimal image requirements to run it.
> Image requirements
Any image used to run a CI/CD job must…