
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and V...

Results 248 specification issues

Adding an XML catalog file and corresponding Java unit tests to validate that the XML catalog content matches the local XSD file content. Please see also: https://github.com/CycloneDX/specification/pull/477 I needed to modify the...

ready for review
format: XML

The Streebog hashing algorithm is widely used in Russia (national standard GOST R 34.11-2012). The function is also described in ISO/IEC 10118-3:2018 and RFC 6986. See https://www.rfc-editor.org/rfc/rfc6986. It is proposed to...

proposed core enhancement
RFC notice sent

## Describe the feature In some review processes, it's essential to ensure that certain declarations or attestations remain valid for a specified period. To achieve this, we need to implement...

proposed core enhancement

## Describe the feature Vulnerabilities can have an [EPSS](https://www.first.org/epss/) score attached to them. This describes the probability of a vulnerability being exploited. As of spec version 1.6, there is no...

proposed core enhancement

The XML Schema HTML viewer generator script `docgen/xml/gen.sh` supports generating only for one particular CycloneDX version, including the possibility of generating the HTML only for draft version of CycloneDX during...

The JSON Schema HTML viewer generator script `docgen/json/gen.sh` supports generating only for one particular CycloneDX version, including the possibility of generating the HTML only for draft version of CycloneDX during...

fixes #266

defect
ready for review
CDX 1.5
format: ProtoBuf

fixes #498

defect
ready for review
schema 1.6
format: XML
format: ProtoBuf

Bumps [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.3.0 to 3.4.0. Commits 3ae062d [maven-release-plugin] prepare release surefire-3.4.0 f0de8c0 Bump org.htmlunit:htmlunit from 4.3.0 to 4.4.0 817695a Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.16.0 675c02a Bump org.apache.commons:commons-compress from...

dependencies

## Add Steward to the CycloneDX Specification This is a suggestion to add a field in the specification to indicate if there is a steward (see, EU-CRA - Article 24...

proposed core enhancement