-
### Ticket Contents
## Description
This has two aspects, the first one being more high level information such as the lines of code, contributors, dependencies, repositories, commits. An automate…
-
### What is your suggestion?
Bazel's sbom generator (rules_license) requires that package build files contain a number of declarations to teach bazel about name, package url, license, etc. Could co…
-
## Real-Bugs
- https://github.com/open2b/scriggo/issues/948
- https://github.com/vmware-tanzu/velero/pull/7602
- https://github.com/zhuxiujia/GoMybatis/pull/75
## Bad Case
- https://github.c…
-
https://github.com/docker-library/repo-info/blob/master/repos/mariadb/remote/10-jammy.md#mariadb10-jammy
```
Platforms: 8
linux; amd64
unknown; unknown
linux; arm64 variant v8
…
-
- https://learn.microsoft.com/en-us/azure/security/container-secure-supply-chain/articles/attach-sbom
- https://oras.land/blog/oras-0.14-and-future/#attach-the-sbom-to-this-image
We can use the OR…
-
### Description
Add the ability to generate an SBOM without doing a cve scan of the components found. We could potentially make this work for other formats other than SBOM (such as an HTML report)…
-
**Is your feature request related to a problem? Please describe.**
A clear unique identification (PURL) of each package/component is missing, but SBOM often includes several package types.
**Des…
-
**_Failed to run command: No module manager found_**
Hi, I am using spdx for the first time, Trying to run spdx on Windows x64 for cloned repo of product which is C# and C++ code.
Running too…
-
**Question**
Hello. I tried to generate SBOM, but I got some errors of "ConnectTimeout". Could you tell me how to solve this?
Please find the attached logs.
[logs.txt](https://github.com/whitesou…
-
**Is your feature request related to a problem? Please describe.**
I only need one project SBOM under my product to be generated and this within a short time of period (max. 3min). But currently I …