-
The current npm JSON parser implements JSON reading using `ioutil.ReadJson`, which is deprecated. Plus, some considerations with the `package-json.lock` file are not supported.
See https://github.com/ope…
-
**What would you like to be added**:
The ability to read entire file contents (or just the top X bytes of the file) and classify the contents as a particular license (e.g. MIT, Apache 2.0, etc). This…
-
**Owners**
• Ria Farrell Schalnat ([Pizza-Ria](https://github.com/Pizza-Ria)) – Open Source Program Manager for Hewlett Packard Enterprise and Chris Hibbard – Open Source Security Architect
**Issu…
-
## Summary
Helper - GetCopyright function - Runtime error: index out of range [] with length
## Background
Index out of range occurs when providing the string "copyright" to the function:
…
-
**Question**
Can you provide a yaml example for running a `wss-unified-agent.jar` agent for scanning an artifact (published as a new project) and then run sbom generator to get all the dependencies…
-
from @ewels
Seeing more and more people ask about SBOM documents for pipelines / containers (software bill of materials). It looks like Trivy can generate SBOMs. Is this something that we could get …
-
## Summary
Program exits with error `panic: runtime error: invalid memory address or nil pointer dereference` and produces no `bom-swift.spdx` output file
## Background
Trying to generate spdx file fro…
-
Hello,
I'm trying to generate a sample SBOM on a python project directory, but I'm getting this error:
```
$ ./spdx-sbom-generator ../sample_python_project -o out
INFO[2021-07-15T09:10:31-07…
```
-
## Summary
Got error message `Unable to fetch package details` when I try to generate the SBOM. The error has no more details or verbose log, and I have no idea what's happening or what's required to m…
-
### Feature request
We (w/@dentrax @erkanzileli) propose generating SBOMs once the images are built when Taskrun has been completed, then signing them. I want to list the tools that can help us to …