Same with Airflow - we are just about to release 2.10.3 and I am working on improving our sboms, so I can upload the new ones - maybe even I will automate PR creation after publishing them - it would be great to automate it.
J. On Mon, Oct 21, 2024 at 3:40 PM Andrea Cosentino <anco...@gmail.com> wrote: > Amazing stuff, thanks a lot. > > I'll raise some PRs to add new stuff from Apache Camel! > > Il giorno lun 21 ott 2024 alle ore 15:35 Arnout Engelen < > enge...@apache.org> > ha scritto: > > > Hello, > > > > During a recent discussion elsewhere we figured it might be nice to > collect > > the SBOMs currently published by Apache projects in a single place to > > facilitate experimentation. I've put those at > > https://github.com/apache/security-site/tree/sboms/sboms for now. As you > > can see there's already a fair number of ASF projects publishing SBOMs, > and > > I'm sure I've missed some - LMK. > > > > I also created an interactive visualization showing the > interrelationships > > between projects that are publishing SBOMs. You can find it at > > https://security-tools-ec2-va.apache.org/sbom/. You can enable/disable > > projects and drag nodes around - best enjoyed on desktop :). If you're > > missing any projects, help them get their SBOMs published and included! > > > > If you want to read up on SBOMs or share knowledge, check out > > > > > https://cwiki.apache.org/confluence/display/SECURITY/SBOM+Software+Bill+of+Materials > > > > > > Kind regards, > > > > -- > > Arnout Engelen > > ASF Security Response > > Apache Pekko PMC member, ASF Member > > NixOS Committer > > Independent Open Source consultant > > >
