Looks very interesting indeed. More and more big accounts are asking for it.
Alexandre Le ven. 27 sept. 2024 à 15:21, Andrea Aime < andrea.a...@geosolutionsgroup.com> a écrit : > Hi all, > I've been asked to generate a Sofware Bills of Materials for a given > version and a give set of plugins for GeoServer. Found the cyclonedx plugin > that seems to fit the bill (pun intended) > and thought I'd share the setup and results with you, using a draft PR: > > https://github.com/geoserver/geoserver/pull/7915 > > This provides a way to generate a SBOM for a given set of plugins (just > enable the profiles). > I see that some software is already adding the SBOM as part of their > release and maybe we should do the same? However, not sure how to handle > the pluggable nature of GeoServer. > Maybe have a main sbom, and generate one for each plugin in addition? > > I hear that CycloneDX SBOM files can be merged. > > Anyways... food for thought. I have what I need, a way to generate a SBOM > for a given GeoServer version and set of plugins, if we can make it > something that is part of the release process (in a fully automated way, of > course), all the better. > > Regards, > > Andrea Aime > > > == > > > GeoServer Professional Services from the experts! > > Visit http://bit.ly/gs-services-us for more information. > > == > > Ing. Andrea Aime > @geowolf > Technical Lead > > GeoSolutions Group > phone: +39 0584 962313 > > fax: +39 0584 1660272 > > mob: +39 339 8844549 > > https://www.geosolutionsgroup.com/ > > http://twitter.com/geosolutions_it > > ------------------------------------------------------- > > Con riferimento alla normativa sul trattamento dei dati personali (Reg. UE > 2016/679 - Regolamento generale sulla protezione dei dati “GDPR”), si > precisa che ogni circostanza inerente alla presente email (il suo > contenuto, gli eventuali allegati, etc.) è un dato la cui conoscenza è > riservata al/i solo/i destinatario/i indicati dallo scrivente. Se il > messaggio Le è giunto per errore, è tenuta/o a cancellarlo, ogni altra > operazione è illecita. Le sarei comunque grato se potesse darmene notizia. > > This email is intended only for the person or entity to which it is > addressed and may contain information that is privileged, confidential or > otherwise protected from disclosure. We remind that - as provided by > European Regulation 2016/679 “GDPR” - copying, dissemination or use of this > e-mail or the information herein by anyone other than the intended > recipient is prohibited. If you have received this email by mistake, please > notify us immediately by telephone or e-mail > _______________________________________________ > Geoserver-devel mailing list > Geoserver-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/geoserver-devel > -- Alexandre Gacon
_______________________________________________ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel
