Marco Ippolito
Marco Ippolito
Moving to runtime deprecation with https://github.com/nodejs/node/pull/51179
@syg the flag has moved to runtime deprecation, afaik it will be released in the next major (22).
I see that [CycloneDX](https://github.com/CycloneDX/cdxgen) is quite popular, should we give it a try? What kind of tool should we use?
So I gave it a try on my machine and unfortunately my macbook went OOM and crashed. Since Node is a fairly large project it's an expensive operation that falls...
The ideal goal is to ship a SBOM for every executable we release, since every platform might have slight difference settings, tools, dependendencies (? I'm not sure this is true)....
@pombredanne so my idea to get started is : 1. run cdxgen for each package in `/deps` folder for npm packages, 2. run cdxgen for tools and github actions 3....
I'm wondering which installation method should we use on our machine, link to guide [guide](https://github.com/CycloneDX/cdxgen#installing)
I'll remove events.on
@mcollina are there any other packages from this issue that could be worth trying to remove?