Add SBOM file to repository #185

Open
d33bs opened this issue Apr 11, 2024 · 0 comments
Labels
enhancement New feature or request

d33bs commented Apr 11, 2024

Software bills of materials (SBOMs) are used to help ensure security for open source projects and users (link). This issue outlines considerations about adding the SBOM as a visible artifact with this repo (more recently, it seems common to find these as SPDX JSON files). This data is also available from GitHub's API (though it's less visible how/when this is updated). The data may also be manually downloaded. Related tooling. Ideally this would be something that could be automatically updated / checked.

@d33bs d33bs added the enhancement New feature or request label Apr 11, 2024
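
One way to do the automatic check the issue asks for, as an added example that is not part of the original issue or the project's code: compare the SPDX JSON file committed to the repository against a fresh export and report drift. The package names, versions and function names below are constructed for illustration, and the fresh export is assumed to arrive in the `{"sbom": ...}` wrapper that GitHub's SBOM export uses.

```python
import json

# Constructed sample: the SPDX JSON file committed to the repository.
COMMITTED = json.loads("""
{"spdxVersion": "SPDX-2.3", "packages": [
  {"name": "pip:requests", "versionInfo": "2.31.0"},
  {"name": "pip:numpy", "versionInfo": "1.26.4"}
]}
""")

# Constructed sample: a fresh export, wrapped in the {"sbom": {...}}
# envelope (assumed shape of the API response).
FRESH = json.loads("""
{"sbom": {"spdxVersion": "SPDX-2.3", "packages": [
  {"name": "pip:requests", "versionInfo": "2.32.3"},
  {"name": "pip:numpy", "versionInfo": "1.26.4"},
  {"name": "pip:pyarrow", "versionInfo": "15.0.2"}
]}}
""")


def package_versions(doc):
    """Map package name -> version for an SPDX JSON document."""
    doc = doc.get("sbom", doc)  # unwrap the API envelope if present
    if not str(doc.get("spdxVersion", "")).startswith("SPDX-"):
        raise ValueError("not an SPDX JSON document")
    return {p["name"]: p.get("versionInfo", "") for p in doc.get("packages", [])}


def sbom_drift(committed, fresh):
    """Return what changed between the committed SBOM and a fresh export."""
    old, new = package_versions(committed), package_versions(fresh)
    return {
        "added": sorted(set(new) - set(old)),
        "removed": sorted(set(old) - set(new)),
        "changed": sorted(n for n in set(old) & set(new) if old[n] != new[n]),
    }


if __name__ == "__main__":
    drift = sbom_drift(COMMITTED, FRESH)
    print(json.dumps(drift, indent=2))
    # Non-zero exit lets a CI job fail when the committed file is stale.
    raise SystemExit(1 if any(drift.values()) else 0)
```

Run in CI, a non-empty result means the committed SBOM no longer matches the dependency data and should be regenerated.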