potiuk commented on issue #34238: URL: https://github.com/apache/airflow/issues/34238#issuecomment-1712559486
We need to find a good way to make it easy/machine readable/standard way to index and find all sboms for all our artifacts. We will have a certain convention on hosting it in `http://airflow.apache.org"; but this is hardly "standardized". There are a couple of options we might have: 1) we could find if there are some existing standards to index SBOMS 2) if not - we could use DOAPs of the ASF to embed this information (this is an ASF-way to keep information about projects) - I already started a discussion about it at [email protected]: https://lists.apache.org/thread/0f84xwc2ct7s0h0pdtgsskshd3qz9t54 3) any other options we can come up with -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
