issues
search
kubernetes-sigs
/
bom
A utility to generate SPDX-compliant Bill of Materials manifests
https://kubernetes-sigs.github.io/bom/
Apache License 2.0
330
stars
48
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
go.mod: Use uwu-tools/magex
#275
cpanato
closed
1 year ago
1
build(deps): bump gitlab.alpinelinux.org/alpine/go from 0.6.0 to 0.7.0
#274
dependabot[bot]
closed
1 year ago
2
build(deps): bump sigstore/cosign-installer from 3.0.2 to 3.0.3
#273
dependabot[bot]
closed
1 year ago
2
build(deps): bump github.com/in-toto/in-toto-golang from 0.7.1 to 0.8.0
#272
dependabot[bot]
closed
1 year ago
2
add attestation in the release job
#271
cpanato
closed
1 year ago
1
OSInfo: Add support for download location
#270
puerco
closed
1 year ago
2
Add Supplier Support in JSON encoded SBOMs
#269
puerco
closed
1 year ago
2
build(deps): bump actions/checkout from 3.5.1 to 3.5.2
#268
dependabot[bot]
closed
1 year ago
2
build(deps): bump actions/checkout from 3.5.0 to 3.5.1
#267
dependabot[bot]
closed
1 year ago
2
build(deps): bump sigstore/cosign-installer from 3.0.1 to 3.0.2
#266
dependabot[bot]
closed
1 year ago
2
build(deps): bump golang.org/x/tools from 0.7.0 to 0.8.0
#265
dependabot[bot]
closed
1 year ago
2
build(deps): bump github.com/in-toto/in-toto-golang from 0.7.0 to 0.7.1
#264
dependabot[bot]
closed
1 year ago
2
build(deps): bump github.com/spf13/cobra from 1.6.1 to 1.7.0
#263
dependabot[bot]
closed
1 year ago
2
build(deps): bump golang.org/x/mod from 0.9.0 to 0.10.0
#262
dependabot[bot]
closed
1 year ago
2
build(deps): bump golang.org/x/term from 0.6.0 to 0.7.0
#261
dependabot[bot]
closed
1 year ago
2
Outliner: Autodetect open STDIN
#260
puerco
closed
1 year ago
1
Keep reading SBOM until encoding is found
#259
puerco
closed
1 year ago
1
update release binary name
#258
cpanato
closed
1 year ago
4
refactor release
#257
cpanato
closed
1 year ago
1
info? compare and contrast this project viz a viz anchore/syft
#256
rchincha
closed
7 months ago
5
Embed SPDX license list!
#255
puerco
closed
1 year ago
1
build(deps): bump actions/checkout from 3.4.0 to 3.5.0
#254
dependabot[bot]
closed
1 year ago
2
build(deps): bump github.com/go-git/go-git/v5 from 5.6.0 to 5.6.1
#253
dependabot[bot]
closed
1 year ago
2
Update install instructions
#252
puerco
closed
1 year ago
2
SBOMs support dependency hierarchy for file systems and containers
#251
bardenstein
closed
5 months ago
13
Upgrade to go1.20
#250
cpanato
closed
1 year ago
3
update github.com/google/go-containerregistry to v0.14.0
#249
cpanato
closed
1 year ago
1
build(deps): bump actions/setup-go from 3.5.0 to 4.0.0
#248
dependabot[bot]
closed
1 year ago
2
build(deps): bump actions/checkout from 3.3.0 to 3.4.0
#247
dependabot[bot]
closed
1 year ago
2
build(deps): bump github.com/google/go-containerregistry from 0.13.0 to 0.14.0
#246
dependabot[bot]
closed
1 year ago
5
Make license list version configurable
#245
puerco
closed
1 year ago
2
Detect recursion loop in spdx.recursiveIDSearch
#244
puerco
closed
1 year ago
2
Improve handling of 2.3 optional fields
#243
puerco
closed
1 year ago
1
Change tool string to include version
#242
puerco
closed
1 year ago
2
Fix bug breaking license downloads
#241
puerco
closed
1 year ago
3
Panic when building with both --image and --file
#240
jaevans
closed
1 year ago
3
build(deps): bump golang.org/x/tools from 0.6.0 to 0.7.0
#239
dependabot[bot]
closed
1 year ago
4
build(deps): bump golang.org/x/term from 0.5.0 to 0.6.0
#238
dependabot[bot]
closed
1 year ago
2
build(deps): bump golang.org/x/mod from 0.8.0 to 0.9.0
#237
dependabot[bot]
closed
1 year ago
2
build(deps): bump github.com/go-git/go-git/v5 from 5.5.2 to 5.6.0
#236
dependabot[bot]
closed
1 year ago
2
[SPDX][TV/JSON] SBOM required field 'Creator' is missing/incorrect
#235
surendrapathak
closed
1 year ago
1
build(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2
#234
dependabot[bot]
closed
1 year ago
2
build(deps): bump github.com/in-toto/in-toto-golang from 0.6.0 to 0.7.0
#233
dependabot[bot]
closed
1 year ago
2
build(deps): bump github.com/in-toto/in-toto-golang from 0.3.4-0.20211211042327-af1f9fb822bf to 0.6.0
#232
dependabot[bot]
closed
1 year ago
5
Fix example directions
#231
rnjudge
closed
1 year ago
4
SPDX2.2: bom generates SBOM with invalid value for packageVerificationCodeValue
#230
surendrapathak
closed
1 year ago
0
build(deps): bump golang.org/x/tools from 0.5.0 to 0.6.0
#229
dependabot[bot]
closed
1 year ago
2
build(deps): bump golang.org/x/mod from 0.7.0 to 0.8.0
#228
dependabot[bot]
closed
1 year ago
2
build(deps): bump golang.org/x/term from 0.4.0 to 0.5.0
#227
dependabot[bot]
closed
1 year ago
2
build(deps): bump github.com/maxbrunsfeld/counterfeiter/v6 from 6.5.0 to 6.6.1
#226
dependabot[bot]
closed
1 year ago
2
Previous
Next