search

CISA-SBOM-Community / SBOM-Generation

Reference GitHub Workflows for SBOM generation from the CISA SBOM Generation Reference Implementation Tiger Team
Apache License 2.0
10 stars 2 forks source link

Decide on tool for generating hierarchical SBOMs #22

Open vpetersson opened 4 weeks ago

vpetersson commented 4 weeks ago

As discussed in #17, we need a way to create a hierarchical SBOM that can point to an application and container SBOM. This is a requirement for Phase 1 (Python), but also for Phase 2.

sbomasm and bomctl are candidates for this.