thoth-station / thoth-github-action

GitHub action for communicating with thoth services
GNU General Public License v3.0

Generate SBOM with anchore/sbom-action #58

Open mayaCostantini opened 2 years ago

mayaCostantini commented 2 years ago

Is your feature request related to a problem? Please describe.

As a user of the Thoth Adviser GitHub action, I would like to get a Software Bill Of Materials of my dependencies at the end of the dependency analysis.

Describe the solution you'd like

An option would be to use the anchore/sbom-action on the analyzed repository to optionally generate an SBOM with the dependencies of the project, or any suitable action capable of generating SBOMs.

mayaCostantini commented 2 years ago

/sig stack-guidance
/priority important-soon

codificat commented 2 years ago

Related: https://github.com/thoth-station/core/issues/366

sesheta commented 2 years ago

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale. Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

/lifecycle stale

harshad16 commented 2 years ago

/remove-lifecycle stale
/lifecycle frozen