Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package managers. Integrate in your CI/CD pipeline with automatic submission to Dependency Track server. Google chat: https://chat.google.com/room/AAAA6l2dO60?cls=7
We make extensive use of workspace global env variables to define our $PRIVATE_ARTIFACT_REGISTRY, which is used in image statements such as $PRIVATE_ARTIFACT_REGISTRY/node:latest
This enhancement suggestion is to support providing a list of registry aliases that will be substituted during the BOM process.
I am also open to adding a parser for renovate and dependabot configuration. We can gradually expand on support for formulation and settings like these would help.
We make extensive use of workspace global env variables to define our
$PRIVATE_ARTIFACT_REGISTRY
, which is used in image statements such as$PRIVATE_ARTIFACT_REGISTRY/node:latest
This enhancement suggestion is to support providing a list of registry aliases that will be substituted during the BOM process.
The equivalent of this in Renovate is documented here - https://docs.renovatebot.com/configuration-options/#registryaliases