[ https://issues.apache.org/jira/browse/OFBIZ-13159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17891945#comment-17891945 ]

Jacques Le Roux commented on OFBIZ-13159:
-----------------------------------------

It's certainly perfectible before using the bom.json file, notably as suggested at https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=287607444#SBOMSoftwareBillofMaterials-UsingSBOMs

One possible thing is to automatically generate it at the end of the build process. Adding {{test.finalizedBy(cyclonedxBom)}} at the end of build.gradle is enough: [^OFBIZ-13159-2.patch]

> Create a 'Software Bill of Materials' (SBOM)
> ----------------------------------------------
>
>                 Key: OFBIZ-13159
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-13159
>             Project: OFBiz
>          Issue Type: Improvement
>          Components: Gradle
>    Affects Versions: Upcoming Branch
>            Reporter: Jacques Le Roux
>            Assignee: Jacques Le Roux
>            Priority: Minor
>             Fix For: Upcoming Branch
>
>         Attachments: OFBIZ-13159-1.patch, OFBIZ-13159-2.patch, OFBIZ-13159.patch
>
>
> As suggested by
> https://cwiki.apache.org/confluence/display/SECURITY/SBOM+Software+Bill+of+Materials
> we should create a SBOM

--
This message was sent by Atlassian Jira (v8.20.10#820010)