MENTOR
@decause-gov
BRIEF DESCRIPTION
sbom-harbor is an open source CMS project that allows for building and monitoring Software Bill of Materials (SBOM) files.
https://chaoss.community stewards a variety of risk and growth metrics used to evaluate open source projects. It would be a great bridge to connect our internal tools with these open standards.
SCOPING
REQUIRED DELIVERABLES
DESIRED DATE WINDOW (June, July, August, Any)
NOTES/INSPO
SBOM-harbor front-end: https://github.com/CMS-Enterprise/sbom-harbor-ui
SBOM-harbor back-end: https://github.com/CMS-Enterprise/sbom-harbor
Public Augur Instance: https://metrix.chaoss.io/
CMS-specific OSPO Instance: https://gov.chaoss.tv/