Matthias Glastra
Matthias Glastra
Another way to phrase this is the ability to do SBOM append. And add B to A. Where B is a dependency of A.
I would say that the first structure is what I hope to get. The reason is that 'most' of the time you will have a file SBOM-1 that has its...
Hi @viveksahu26 that is indeed what I was looking for. This is the way that I would want to represent it. There is one nuance which is more of an...
I was already looking for the right wording indeed. The example that you created looses the relationship that `sbomgr` has with `billiard` and `botocore`. But apart from that its correct...
Does the linked PR cover everything you meant in this ticket @ChaosInTheCRD or is something still missing?
@mikhailswift you think this is a "good first issue"
@colek42 is there anything blocking this from moving forward at this point?
Splitting it in multiple PRs is also an option if it aims to improve the overall quality. And make them green one by one.
One thing I like to add already is a point i have discussed with @jkjell and @kairoaraujo before. Its the fact that go-witness tip of main is not always the...
The point is not that everything needs to come from witness though. It is about the fact that go-witness can be ahead of what people are actually using. When we...