-
When tried with the following dependency,
```
<dependency>
  <groupId>com.guicedee.services</groupId>
  <artifactId>guice</artifactId>
  <version>1.2.0.1-jre11</version>
</dependency>
```
Maven complains.
> Could not resolve dependencies…
-
**Is your feature request related to a problem? Please describe.**
SBOMs contain package versions. Here is an example of a CycloneDX SBOM of a Java library:
https://github.com/CycloneDX/sbom-exa…
-
Hey everyone!
Laurent @laurentsimon and I presented about a reusable workflow + OIDC-based signing to achieve SLSA 3 in GitHub Actions at the last SLSA bi-weekly. We were hoping to migrate or donat…
asraa updated
2 years ago
-
* related to #1476
@anthonyharrison and I had a quick discussion about doing schema validation of XML before it's loaded. We've got a few places where we load XML that should have known schemas: …
-
The [`sbom` package](https://github.com/paketo-buildpacks/packit/blob/4f678064e23a999de5294058d1530caff79451cc/sbom) in packit enables buildpack authors to easily generate SBOM content from the conten…
-
Are there any plans to produce OSCAL artifacts for NIST 800-161 Appendix F, supporting Executive Order 14028?
-
GitHub UI to support multiple licenses on a repo. Please share your use cases or feedback here. Especially if there are any current pain points you experience.
-
I think federation is an area worth a **lot** more exploration. We began discussing this a bit on list, and I really want to get into it with you just a bit more.
When we look at the history of wifi,…
elear updated
2 years ago
-
We like the idea of having a superset data format like JSON, but we also want to be generating CycloneDX format for compatibility with other tooling we're invested in.
I think either you could suppor…
-
There is a concept called SBOM (Software Bill Of Materials), and there is various tooling around this[^1][^2][^3][^4] concept to generate it. There are several methods designed specifically for deliv…