You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the near future, and as the artifacts that the AlmaLinux Build System produces change over time, we should need to provide a way to update already existing SBOMs.
I've made a question to cyclonedx-python-lib guys and apparently, this is something they're already working on. We should keep an eye on them and include their work on that as soon as is released.
The text was updated successfully, but these errors were encountered:
They provide a new way to create an SBOM model by using either Bom.from_json and Bom.from_xml
Also, the version field is now editable
I tested that with the output we provide already, everything works as expected
As far as I can tell, the only missing thing when reusing an already generated SBOM is that the bom-ref field ends up like this "bom-ref": {}, and the dependencies block ends up like this
"dependencies": [
{
"ref": {}
}
]
Which is maybe related to the fact that the PR is still a draft 😅
Thanks for adding support for CycloneDX, @javihernandez. Not sure if the maintainers are aware of the few issues you've outlined, but I'd recommend adding them to the ticket so they're addressed.
In the near future, and as the artifacts that the AlmaLinux Build System produces change over time, we should need to provide a way to update already existing SBOMs.
I've made a question to cyclonedx-python-lib guys and apparently, this is something they're already working on. We should keep an eye on them and include their work on that as soon as is released.
The text was updated successfully, but these errors were encountered: