tern
tern copied to clipboard
tern-tools
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-...
**Describe the bug** Unable to start tern with the instructions given for vagrant, I followed the instructions in the "Getting Started with Vagrant" section in the Readme: https://github.com/tern-tools/tern. When i...
I have installed TERN & it seems to be working fine for the sample files provided. I have some Docker images locally that I have pulled earlier & want to...
This commits tries to run all the tests no matter what changes any specific commit contains. This way we can validate the commit fully Work towards: 933 Signed-off-by: mtaneja
**Describe the Feature** SPDX 2.3 is proposing adding a package purpose field which could be used to denote when the package is a container (among other package types). Once the...
**Describe the Feature** cvs_bin_tool is currently available to run as an extension in Tern but it will just print the output to console and so it cannot be used in...
**Please read the Code of Conduct before you proceed** [Code of Conduct](/CODE_OF_CONDUCT.md) **Ask your question here** I am interested to know if I could use Tern as a SDK so...
**Please read the Code of Conduct before you proceed** [Code of Conduct](/CODE_OF_CONDUCT.md) **Ask your question here** I am using couple of tools to generate SBOM but no success with C...
**Description** A change to the SPDX 2.3 spec made [currently required licensing fields optional](https://github.com/spdx/spdx-spec/pull/635). **To Do** The omission of these fields, by default, now assumes a NOASSERTION value. If we...
Currently the test coverage verifies that tern runs successfully, but doesn't look at the generated contents. This proposal suggests the following coverage: 1. SPDX * SPDX json * Verify that...
Currently all tests are organised together, which makes it hard to run all locally, as they are platform specific, which prevents creating good and simple instructions for #1164. What do...
Metadata
Owner
Metadata
Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBOM that Tern generates will give you a layer-by-...