-
-
## Description
```solidity
contract Foo {
struct Hi {
uint256 hello;
}
function foo() internal returns (Hi storage ret) {
ret = ret;
ret.hello = 123;
…
-
#### What happened:
To generate license and other data, `bom` clones the go modules it needs to tmp. It is supposed to remove them after it's done. After trying to generate an SBOM for `cilium/c…
-
Following the various instructions to generate I am getting the following output:
The repo steps were:…
-
[//]: # "SPDX-FileCopyrightText: Copyright (c) 2022-2023 NVIDIA CORPORATION & AFFILIATES. All rights reserved."
[//]: # "SPDX-License-Identifier: Apache-2.0"
[//]: # ""
[//]: # "Licensed under the …
-
Hello SPDX team. We are trying to integrate spdx support in buildpacks. One of the things that we had a question about was the appropriate media type for spdx documents. It looks like the IANA media t…
-
### What would you like to be added?
I'd like to contribute SBOM generation to the release process of this project in both cyclonedx and spdx formats.
I'm part of https://github.com/CISA-SBOM-Co…
-
# Handle
leastwood
# Vulnerability details
## Impact
The `MockWETH.sol` contract is missing an SPDX identifier which correctly licenses the contract for open source development.
## Proof of Conc…
-
Appendix on expressions is here: https://spdx.org/spdx-specification-21-web-version#h.jxpfx0ykyb60
-
Currently the license is specified to be `BSD` in the README file, however there are many forms of BSD making `BSD` not a valid SPDX license identifier https://spdx.org/licenses/ - If you could update…