-
**Project description**
**Parlay** is an open source tool from Snyk that enriches SBOMs
The increasing adoption of software bill of materials (SBOM) standards is starting to drive better interope…
-
### Parent Issue
_No response_
### Task
We need to automate the generation of Software Bill of Materials (SBOM) using GitHub Actions. This automation should ensure that a new SBOM is generate…
-
**Issue**
When using esbuild (with --bundle and --minify options) to package projects for use in a Lambda function, the function cannot be scanned by Amazon Inspector's SBOM generator tool.
**I…
-
**What happened**:
Syft creates two entries in the SBOM for the local dependency, one of which doesn't have the details like version or license
**What you expected to happen**:
For there to o…
-
### Prerequisites
- [X] I have written a descriptive issue title
- [X] I have searched [issues](https://github.com/cake-build/cake/issues) to ensure it has not already been reported
### Cake runner
…
-
Add support to score SBOM generated in SWID format
> SWID tags can be used as an SBOM, since they provide identifying information for a software
> component, a listing of files and cryptographic…
-
```[tasklist]
### Tasks
- [ ] Publish V1 of SBOM Guide For OpenJS Projects
```
-
In the outreach team meeting on 7 August, 2023 it was suggested we add a [quick start guide](https://github.com/spdx/outreach/tree/main/quickstart) for producing SPDX documents from the [sbom-tool](ht…
-
Hey folks, it looks like there's an interoperability issue between Buildpacks and Cosign tooling. As an end user, I would like:
`pack sbom download` and `cosign download sbom` to work on any OCI art…
-
**What happened**:
Generated SPDX is invalid, mandatory copyright text is missing
**What you expected to happen**:
SPDX should be valid
**Steps to reproduce the issue**:
```
syft docke…
```