Open sxa opened 3 weeks ago
From today's secure dev call, we should look at the use cases for our SBoM files and decide which ones we wish to support, and then create follow-on work items to ensure we can support them.
I think ensuring that dependency-track can consume it and create artifacts (vdr/vex) would be a good thing to be able to do
From today's secure dev call, we should look at the use cases for our SBoM files and decide which ones we wish to support, and then create follow-on work items to ensure we can support them.