fatbom
fatbom copied to clipboard

→

Metadata

fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool's strength.

Reame
Issues

Results 4 fatbom issues

Sort by recently updated

Invalid SPDX published for fatbom project

2

**Name of the app** fatbom **Describe the bug** The merged sbom built with the project is invalid. **To Reproduce** While applying [quality checks](https://github.com/interlynk-io/sbomqs) on SBOMs , I found merged spdx...

surendrapathak

Integrate Scancode

The license detection is currently meh. Scancode will vastly improve this.

sbs2001

Use official images for microsoft's SBOM tool.

See https://github.com/microsoft/sbom-tool/pull/110#issuecomment-1273604042

sbs2001

K8 BOM: Fix golang PURLs

Tracked upstream at https://github.com/kubernetes-sigs/bom/issues/169 . For now purls by `bom` would be ignored if the package has been detected by `syft`.

sbs2001

About

fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool's strength.

sbom

supply-chain

cpe

purl

32

Stars

0

Forks

Watchers

Owner

VexStore

← Metadata

32

Stars

0

Forks

Watchers

Owner

VexStore

Metadata

fatbom (Fat Bill Of Materials) is a tool which combines the SBOM generated by various tools into one fat SBOM. Thus leveraging each tool's strength.

Back

fatbom fatbom copied to clipboard

Metadata

Invalid SPDX published for fatbom project

Integrate Scancode

Use official images for microsoft's SBOM tool.

K8 BOM: Fix golang PURLs

← Metadata

Owner

Metadata

fatbom
fatbom copied to clipboard