nightlark
commented
5 months ago See https://github.com/ossf/sbom-everywhere/blob/main/reference/sbom_naming.md for some naming convention guidelines.
Open nightlark opened 5 months ago
nightlark
commented
5 months ago See https://github.com/ossf/sbom-everywhere/blob/main/reference/sbom_naming.md for some naming convention guidelines.
Currently setting an input/output SBOM format other than the default requires specifying a flag. However, most of the common specifications seem to have a preferred file extension that we could use to automatically determine the format -- e.g. SPDX JSON files often use
spdx.json.It should be possible to override the automatically detected format choice if needed, but this could make things a bit more user friendly.