Add CycloneDX SBOM and generation script
- Add sbom/sbom.cdx.json generated via Syft
- Add scripts/gen-sbom.sh for regenerating SBOM
- Add sbom/README.md with disclaimer
- Update .gitignore to track gen-sbom.sh
13
sbom/README.md
Normal file
@@ -0,0 +1,13 @@
|
||||
# Software Bill of Materials (SBOM)
|
||||
|
||||
This directory contains the CycloneDX SBOM for the project.
|
||||
|
||||
## Disclaimer
|
||||
|
||||
This SBOM is generated on a best-effort basis from project metadata and reflects dependencies at the time of generation. It is not a guarantee of completeness or accuracy.
|
||||
|
||||
## Regenerating
|
||||
|
||||
```bash
|
||||
./scripts/gen-sbom.sh
|
||||
```
|
||||
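Review bot: the Regenerating section gives only `./scripts/gen-sbom.sh` and does not say that Syft, which the commit message names as the generator, must be installed first, or that the path is relative to the repository root. Please add a short prerequisites line naming Syft and the version used, so that a regenerated `sbom/sbom.cdx.json` is comparable to the committed one. The Disclaimer says the SBOM "reflects dependencies at the time of generation", but the README does not tell a reader how to find out when that was or which commit it corresponds to. Consider adding a sentence on where that is recorded and on when the file is expected to be regenerated, for example on every dependency change.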