Add sonatype as SBOM generator

aquasecurity / chain-bench

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

Apache License 2.0

717 stars 62 forks source link

Closed davidsalame1 closed 2 years ago

davidsalame1 commented 2 years ago

sonatype has an SBOM generation tool called "jake", it should be one of the SBOM tools.

[x] I've read the guidelines for contributing to this repository.
[x] I've followed the conventions in the PR title.
[x] I've updated the readme with the relevant information (if needed).
[x] I've added usage information (if the PR introduces new options)
[x] I've included a "before" and "after" example to the description (if the PR is a user interface change).

CLAassistant commented 2 years ago

All committers have signed the CLA.