canonical / chisel

GNU Affero General Public License v3.0

Generate SBOM? #123

Closed norrisjeremy closed 7 months ago

norrisjeremy commented 7 months ago

Are there any plans to have chisel generate an SBOM (either SPDX or CycloneDX format) from all the package slices it installs into the specified root directory?

cjdcordeiro commented 7 months ago

Hi @norrisjeremy

Not atm. One of the incoming features, though, is what we call the Chisel DB, which basically is where Chisel will record everything it installs into the fs. That DB can afterwards be manipulated to generate an SBOM, if you need something in the short term.

norrisjeremy commented 7 months ago

Hi @cjdcordeiro,

Something along those lines will work perfectly! Our objective is simply to be able to record the exact versions of the various software components that are included.

Thanks, Jeremy

cjdcordeiro commented 7 months ago

Great. The best way to keep up to date with the ongoing development and news is to join our community and follow our Discourse/Matrix channels. See https://ubuntu.com/community/governance/teams/rocks.

I'm closing this issue since there's already a similar one at #51.