Skip to content

mcombuechen/sbom-distribution-examples

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits
.github
.github
 
 
fixtures
fixtures
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
TODO.md
TODO.md
 
 

Repository files navigation

SBOM Distribution Examples

A test repository to play around with SBOM ditribution.

Features of GitHub Action

  • Run on every GitHub release
  • generate SBOM for many ecosystems (npm, pypi, maven, ...)
  • generate SBOM with many generators (snyk, syft, cdxgen, ...)
  • generate SBOM in many formats (SPDX, CycloneDX)
  • Post documents to Release Artifacts

TODOs

  • get hold of contextual information about release (ID, version, ...)
  • move logic into action directory
  • post SHA256 of SBOM as artifact

About

Just a sample project to play around with

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases 18

v0.11.3 Latest
Jul 14, 2023
+ 17 releases

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages