Ritesh Noronha

We work a lot with sboms and created a tool to help check the quality of sboms we recv, we have opensourced it here [sbomqs](https://github.com/interlynk-io/sbomqs). NTIA minimum elements is our...

As sbom generator tools are updated on a regular basis, it would be good idea to monitor the quality of the sbom. https://github.com/interlynk-io/sbomqs helps by generating a quality score for...

@candrews yes we are currently evaluating 1.5 and will be updating all our tools to support Cyclonedx 1.5 and SPDX 3.0. Will update this thread once we get this done.

@candrews 1.6 support has been added as of 0.1.1

we have created an open-source tool to help you do just this. As simple as `sbomqs share ` output example https://sbombenchmark.dev/user/score?id=eb4903f6-88df-46bd-adb1-e5ea85cdc88f https://github.com/interlynk-io/sbomqs

Awesome. Would love any feedback.

Yes we should support a mode called "Merge as assembly". Will work on it soon.

@flemminglau thanks for this feedback, this has been implemented only for Cyclonedx. Please give it a shot.

Good feedback. Let me address those soon. Also if you need any help resolving `unsupported Cyclonedx versions` would be glad to help out.

@flemminglau We have a free tier in our commercial product which you could use to achieve this, if you are interested let me know, i can set u up.