Kate,
REA has successfully tested the Daggerboard SPDX SBOM and has created a baseline NIST Vulnerability Disclosure Report based on the SBOM provided. Any chance we could get the Daggerboard authors to contribute to the next DocFest: NewYork-Presbyterian Hospital https://github.com/nyph-infosec/daggerboard/archive/refs/tags/v1.0.3.zip (SPDX SBOM is contained in this zip file) Here is a baseline NIST Vulnerability Disclosure Report for Daggerboard, generated by SAG-PM: https://raw.githubusercontent.com/rjb4standards/REA-Products/master/DaggerBo ard_1_0_2-VDR.json Thanks, Dick Brooks Active Member of the CISA Critical Manufacturing Sector, Sector Coordinating Council - A Public-Private Partnership <https://reliableenergyanalytics.com/products> Never trust software, always verify and report! T <http://www.reliableenergyanalytics.com/> http://www.reliableenergyanalytics.com Email: <mailto:[email protected]> [email protected] Tel: +1 978-696-1788 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#4897): https://lists.spdx.org/g/Spdx-tech/message/4897 Mute This Topic: https://lists.spdx.org/mt/95852870/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/Spdx-tech/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
