Open schewara opened 2 months ago
It seems that many of the other tools out there also support SARIF as a standardized report format, therefore it would be good if vuls would also have support for it.
https://www.mayhem.security/blog/sbom-format-comparison-which-sca-sbom-format-is-best has a nice write-up on it and further links on that topic.
I also discovered that SPDX v3 also now supports vulnerabilities, and could be considered as well in addition to it at some other point in time.