Dick At last month's SBOM-a-rama, SEI said they were going to do a plugfest to look at different tools generating SBOMs. I assume they will be looking at both formats (SPDX and CycloneDX) and I presume versions as well. However, I don't know the timescales. Given the amount of changes to both specifications I think this will be a good time to take stock of how the SBOM generation landscape is looking and how up to date the tools are with the latest specifications. I frequently come up against tools generating SPDX 2.2 which predates the US Exec order.
Regards Anthony -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#5750): https://lists.spdx.org/g/Spdx-tech/message/5750 Mute This Topic: https://lists.spdx.org/mt/109006563/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/Spdx-tech/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
