OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX
We currently do not have a way to track the full list of all contributors for a component version. Since contributors could be different from authors, we need a better mechanism to track individual committers and authors using nested components or externalReferences (which could be a URL or BOM-Link).
We currently do not have a way to track the full list of all contributors for a component version. Since contributors could be different from authors, we need a better mechanism to track individual committers and authors using nested components or externalReferences (which could be a URL or BOM-Link).