Potential for upstream merge?

[stevespringett]

Fantastic work on CBOM. I really like how the spec has captured a lot of this data in a way that interoperates with CycloneDX.

The CycloneDX Core Working Group is busy on v1.5 of the spec to be released Q1 or early Q2 2023. However, we may want to consider possible inclusion in CycloneDX v1.6. What are the teams thoughts on this?

[bhess]

Thank you for your interest and for the feedback! A design goal of CBOM was a high level of interoperability with CycloneDX. We are excited to work together with you and the CycloneDX project team towards upstreaming the schema to the CycloneDX v1.6 release next year.

[bhess]

Happy to close this issue with the merge of CBOM to CycloneDX 1.6. Thank you @stevespringett and the CycloneDX community for the great collaboration integrating our specification!