Closed garethr closed 1 year ago
The OpenSSF Scorecards project now has an API. Needs some discussion of how best to add Scorecard data to an SBOM.
Some conversation in the context of CycloneDX in the CycloneDX Slack. The new annotations in the upcoming v1.5 look like the best option.
Closed in #13
garethr
commented
1 year ago garethr
commented
1 year ago
The OpenSSF Scorecards project now has an API. Needs some discussion of how best to add Scorecard data to an SBOM.
Some conversation in the context of CycloneDX in the CycloneDX Slack. The new annotations in the upcoming v1.5 look like the best option.