Are there examples of SBOM where the "component" type is "file"?

Open VladimirBoiko opened this issue 2 years ago • 3 comments

Hello, I can't find examples of SBOM where the "component" type is "file" and some component has related components. Could you please provide such examples?

VladimirBoiko, May 26 '23 08:05

I'm also interested in such examples, esp. in best practices for file-typed components' name fields: The spec's description to use

> The name of the component. This will often be a shortened, single name of the component. Examples: commons-lang3 and jquery

does not seem to apply well here. I'd rather expect the name of a file-typed component to be the path to the file relative to the component root.

sschuberth, Sep 25 '24 09:09

I would also be interested in such examples.

rudsberg, Oct 23 '24 10:10

There is a feature request for the webpack SBOM generator to produce file components with hashes: https://github.com/CycloneDX/cyclonedx-webpack-plugin/issues/1235

As soon as this one is done, I might publish an example here.

jkowalleck, Oct 23 '24 10:10
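As an added illustration (not from the CycloneDX project or from any commenter in this thread), the sketch below builds a CycloneDX JSON BOM in which `file`-typed components carry SHA-256 hashes and are nested under a parent component through its `components` array. Using the path relative to the component root as `name` follows the expectation voiced in the thread and is an assumption, not a rule taken from the spec; the `bom-ref` scheme, the `example-lib` name and the sample files are constructed.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def file_component(root: Path, path: Path) -> dict:
    """Describe one file under root as a CycloneDX component of type "file"."""
    rel = path.relative_to(root).as_posix()
    digest = hashlib.sha256(path.read_bytes()).hexdigest()
    return {
        "type": "file",
        "bom-ref": f"file:{rel}",  # constructed ref scheme (assumption)
        "name": rel,               # relative path as name (assumption, see lead-in)
        "hashes": [{"alg": "SHA-256", "content": digest}],
    }


def build_bom(root: Path, name: str, version: str) -> dict:
    """Nest every file below root under one parent component."""
    files = sorted((p for p in root.rglob("*") if p.is_file()),
                   key=lambda p: p.relative_to(root).as_posix())
    parent = {
        "type": "library",
        "bom-ref": f"{name}@{version}",  # constructed ref (assumption)
        "name": name,
        "version": version,
        "components": [file_component(root, p) for p in files],
    }
    return {
        "bomFormat": "CycloneDX",
        "specVersion": "1.5",
        "version": 1,
        "components": [parent],
    }


def demo() -> dict:
    """Build a BOM for a small constructed directory tree."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "dist").mkdir()
        (root / "dist" / "app.js").write_bytes(b"console.log('hi');\n")
        (root / "LICENSE").write_bytes(b"constructed sample\n")
        return build_bom(root, "example-lib", "1.0.0")


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

A consumer can recompute each file's SHA-256 and compare it with the `hashes` entry to detect files that changed after the BOM was generated.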