CycloneDX / bom-examples

A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
https://cyclonedx.org
Creative Commons Zero v1.0 Universal

Need v1.4 SBOM examples (with use of new v1.4 schema features, incl. JSF) #33

Open mrutkows opened 2 years ago

mrutkows commented 2 years ago

Many new fields (schema) were added between v1.3 and v1.4, yet there are no examples that ref. v1.4.

In addition, we would like examples that exhibit the use of many of these new fields such as "releaseNotes" and "vulnerabilities" (and all their sub-schemas and even proper object signing using JSF) in order to inform SBOM generation tooling, best practices as well as downstream validation (and signing verification).
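As an added illustration of the downstream validation mentioned above (not part of the original comment and not code from the bom-examples repository), this sketch checks a v1.4 BOM that uses `releaseNotes` and `vulnerabilities`. The sample BOM, its identifiers and the function name `check_v14_bom` are constructed for the example; it checks reference consistency only and does not verify JSF signatures.

```python
# Constructed sample BOM (not from the bom-examples repository).
SAMPLE_BOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "version": 1,
    "components": [{
        "type": "library",
        "bom-ref": "pkg:npm/example-lib@2.0.1",
        "name": "example-lib",
        "version": "2.0.1",
        "releaseNotes": {"type": "patch", "title": "Constructed release"},
    }],
    "vulnerabilities": [{
        "id": "EXAMPLE-0001",  # placeholder, not a real advisory id
        "ratings": [{"severity": "high"}],
        "affects": [{"ref": "pkg:npm/example-lib@2.0.1"}],
    }],
}


def check_v14_bom(bom):
    """Return a list of consistency problems; an empty list means none found."""
    problems = []
    if bom.get("bomFormat") != "CycloneDX" or bom.get("specVersion") != "1.4":
        problems.append("not a CycloneDX 1.4 BOM")
    refs = set()

    def walk(items):
        # Components can nest, so collect bom-ref values recursively.
        for item in items:
            if "bom-ref" in item:
                refs.add(item["bom-ref"])
            notes = item.get("releaseNotes")
            if notes is not None and "type" not in notes:
                problems.append(f"{item.get('name')}: releaseNotes lacks 'type'")
            walk(item.get("components", []))

    walk(bom.get("components", []))
    walk(bom.get("services", []))
    root = bom.get("metadata", {}).get("component")
    if root:
        walk([root])
    # Every vulnerability must point at a bom-ref that exists in this BOM.
    for vuln in bom.get("vulnerabilities", []):
        for target in vuln.get("affects", []):
            if target.get("ref") not in refs:
                problems.append(f"{vuln.get('id')}: affects unknown ref {target.get('ref')!r}")
    return problems
```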

denis-snyk commented 1 year ago

+1

DavidLambertCyber commented 1 year ago

+1