Scott Kempf
Scott Kempf
Look at the following documents: https://www.ntia.gov/files/ntia/publications/ntia_sbom_framing_2nd_edition_20211021.pdf https://www.ntia.doc.gov/files/ntia/publications/sbom_minimum_elements_report.pdf We think that the following minimum baseline attributes are missing from the sbom. - /metadata/authors (of the SBOM) - /metadata/Supplier - /metadata/component/publisher It...
I am new to purl and sbom, so it is possible that I am not understanding this correctly. From: https://github.com/package-url/purl-spec/blob/master/PURL-SPECIFICATION.rst > **namespace**: some name prefix such as a Maven groupid,...
The current implementation of Cpe in https://github.com/CycloneDX/cyclonedx-rust-cargo/blob/main/cyclonedx-bom/src/models/component.rs does not allow access to the member variable and provides no constructors. Some way to construct Cpes in applications which use the bom...