-
Thank you for Hatch--I love it! Here is an idea for improvement that has been on my mind:
It would be nice to include a command within Hatch to generate SPDX-compatible software bill-of-materials …
-
I'll preface this by saying I'm by no means an expert on this topic. But SBOM is becoming a hot topic these days in the software world and I'm curious what, if anything, that means for Orchard Core.
…
-
For security and compliance concerns, it would be good to have a list of dependencies, for example to assess which security vulnerabilities affect Xpra:
https://en.wikipedia.org/wiki/Software_supply_…
-
- https://www.cisa.gov/sbom
- https://en.wikipedia.org/wiki/Software_supply_chain
- https://www.ntia.gov/page/software-bill-materials
- https://www.iotsecurityfoundation.org/wp-content/uploads/2023…
-
**Is your feature request related to a problem? Please describe.**
Industry best standards for software security and software supply chain risk management security is to have a software bill of mater…
-
-
## Current situation
Image-based gadgets have [image layers and media types](https://github.com/inspektor-gadget/inspektor-gadget/blob/main/docs/reference/oci.md#image-layers-and-media-types) for e…
-
-
As Heroku moves to Cloud-Native Buildpacks which [natively support generating a software bill of materials (SBOM)](https://buildpacks.io/docs/tools/pack/cli/pack_sbom_download/) artifact during the bu…
-
### Feature Description
It would be useful to upload and view dependencies of a repo using software bill of materials manifests.
A similar feature exists in GitHub https://github.blog/2023-03-28-int…