-
## Summary
When running spdx-sbom-generator on itself, the resulting SBOM is missing the colon (':') after each 'Relationship' tag.
## Background
1. cloned main branch (a795777) and built for…
-
Thank you for putting together this GitHub Action.
Apparently, it cannot access/resolve the GitHub Action per the error
```
Failed to resolve action download info. Error: Unable to resolve acti…
-
Hey Everyone!
I've been working on fleshing out relationship data for this SBOM generator:
https://github.com/anchore/syft
The question we've come across deals with Packages and how they relat…
-
When we make the sbom with the code below,
`BomXmlGenerator generator = BomGeneratorFactory.createXml(CycloneDxSchema.Version.VERSION_13, cycloneDxSbom);`
```
2021-08-25T03:59:43Z
…
-
In a recent draft response to NIST regarding the Executive Order, OpenSSF (Linux Foundation) had an initial statement from David Wheeler that they would pay to write SPDX plugins. SPDX is over ten yea…
-
I think it'll work better if we put those here (instead of pull-requesting); we can then sort out some (or even leave all) and update the website. (or even create a wiki page and point there). @pabloc…
-
@lfpratik
**Tool Version** v0.0.6
**Test Repo** https://github.com/lfpratik/spdx-pipenv-demo
**OS** Windows 10
1. Followed all prerequisite steps as per https://confluence.linuxfoundation.org/d…
-
Original Reporter: nvelagapudi
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.linuxfoundation.org/browse/SSB-24
Download spdx-sbom-genertor v0.0.2 from https://github.c…
-
SchemaHero has access to sensitive information (a database) and we should be adopting every security best-practice that makes sense. One area of focus is supply chain to ensure that anyone running Sch…
-
@lfpratik
**Tool Version** Cloned code from main branch of https://github.com/spdx/spdx-sbom-generator on 11-06-2021 and built the tool
**Test Repo** https://github.com/lfpratik/spdx-poetry-demo
*…