-
### Description
I'm running the following Docker Compose setup:
https://github.com/jo-tools/docker/blob/main/local-cubesql-volumes/docker-compose.yml
This runs a Database Server (cubeSQL) and a…
-
> Ok, thanks - that makes sense. Crazy that this was working for so long. Not sure what broke it, but clear I was depending on something I should not.
>
> Separately, there is basically no bridge t…
-
[OWASP SCVS](https://scvs.owasp.org/scvs/v2-software-bill-of-materials/) is formalizing verification requirements for SBOMs.
sbomqs rules to test SBOM against as well output should be aligned to mee…
-
### Verification
- [X] This issue's title and/or description do not reference a single formula e.g. `brew install wget`. If they do, open an issue at https://github.com/Homebrew/homebrew-core/issues/…
-
When using [maven-shade-plugin](https://maven.apache.org/plugins/maven-shade-plugin/), the sbom should likely somehow encode which dependencies are 'embedded' in the jar, and which are 'regular' depen…
-
One of the missing "tool types" (in existing SBOM tooling classification efforts) is dependency graphing tools.
These are tools which can create an independent dependency graph (across artifact typ…
-
# Feature or enhancement
### Proposal:
Software Bill of Materials (SBOM) is a format for tracking software and its components. This information will also soon become relevant for Python users du…
-
The SBOM Catalog's [contributing docs](https://github.com/ossf/sbom-everywhere/tree/main/SBOM-Catalog/contribute.md) don't mention the *Language* field that appears in `data.yaml`. From existing entri…
-
I'm considering using `sbommerge` as a way to add information to the packages in an SBOM, rather than actually merging two lists of packages. The idea is the following:
- I generate one SBOM from the…
nodet updated
6 months ago
-
### Description
After upgrading my Docker Desktop installation to 4.20.0 or 4.20.1 through Settings/Software updates, it crashes with `supervising tasks: task failed: shutdown with exit code 1: com.d…