The proposed charter contains this statement:
A single product is composed of multiple sub-products coming from different suppliers. There is no agreed-upon standard to compose information from different producers."
An SBOM, in either SPDX or CycloneDX format provides information about components contained in a software product. May want to consider a reference to these two SBOM standards, within the context of the above statement
The proposed charter contains this statement: A single product is composed of multiple sub-products coming from different suppliers. There is no agreed-upon standard to compose information from different producers."
An SBOM, in either SPDX or CycloneDX format provides information about components contained in a software product. May want to consider a reference to these two SBOM standards, within the context of the above statement