PROJ: Add Augur.io enrichments to sbom-harbor

decause-gov commented 1 year ago

MENTOR

@decause-gov

BRIEF DESCRIPTION

sbom-harbor is an open source CMS project that allows for building and monitoring Sofware Bill of Materials (SBOM) files.

https://chaoss.community stewards a variety of risk and growth metrics used to evaulate open source proejcts. It would be a great bridge to connect our internal tools with these open standards.

SCOPING

weeks

REQUIRED DELIVERABLES

Enrichment that connects Augur.io to sbom-harbor

DESIRED DATE WINDOW (June, July, August, Any)

July/August

NOTES/INSPO

SBOM-harbor front-end: https://github.com/CMS-Enterprise/sbom-harbor-ui

SBOM-harbor Back-end: https://github.com/CMS-Enterprise/sbom-harbor

Public Augur Instance: https://metrix.chaoss.io/

CMS-specific OSPO Instance: https://gov.chaoss.tv/

Gaelan commented 1 year ago

oooh it's in Rust!

decause-gov commented 4 months ago

SBOM-harbor has been archived, closing.

DSACMS / open