-
Hey Everyone!
I've been working on fleshing out relationship data for this SBOM generator:
https://github.com/anchore/syft
The question we've come across deals with Packages and how they relat…
-
When we make the sbom with the code below,
`BomXmlGenerator generator = BomGeneratorFactory.createXml(CycloneDxSchema.Version.VERSION_13, cycloneDxSbom);`
```
2021-08-25T03:59:43Z
…
-
In a recent draft response to NIST regarding the Executive Order, OpenSSF (Linux Foundation) had an initial statement from David Wheeler that they would pay to write SPDX plugins. SPDX is over ten yea…
-
@lfpratik
**Tool Version** v0.0.6
**Test Repo** https://github.com/lfpratik/spdx-pipenv-demo
**OS** Windows 10
1. Followed all prerequisite steps as per https://confluence.linuxfoundation.org/d…
-
I think it'll work better if we put those here (instead of pull-requesting); we can then sort out some (or even leave all) and update the website. (or even create a wiki page and point there). @pabloc…
-
Original Reporter: nvelagapudi
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.linuxfoundation.org/browse/SSB-24
Download spdx-sbom-genertor v0.0.2 from https://github.c…
-
SchemaHero has access to sensitive information (a database) and we should be adopting every security best-practice that makes sense. One area of focus is supply chain to ensure that anyone running Sch…
-
@lfpratik
**Tool Version** Cloned code from main branch of https://github.com/spdx/spdx-sbom-generator on 11-06-2021 and built the tool
**Test Repo** https://github.com/lfpratik/spdx-poetry-demo
*…
-
@lfpratik
**Tool Version** Cloned code from main branch of https://github.com/spdx/spdx-sbom-generator on 11-06-2021 and built the tool
**Test Repo** https://github.com/lfpratik/spdx-poetry-demo
**…
-
Original Reporter: nvelagapudi
Environment: Not Specified
Version: Not Specified
Migrated From: http://jira.linuxfoundation.org/browse/SSB-23
spdx-sbom-genertor release version is v0.0.2Execute ./sp…