Hi Olle, Yes, I realised by now that taking enabled Kamailio modules into account when generating SBOM is too much to ask. I'd be ok with obtaining full list of Kamailio dependencies (with transitive dependencies if possible) and then manually filtering them based on module usage. Not sure if at any point during Kamailio build process all sources + dependency sources/binaries are present in the system for scanning/identification?
I'm mainly interested in listing (and validating licenses) and having a general inventory. Any recommendations? -- Ivan Ribakov Software Engineer www.zaleos.net On Thu, 28 Sept 2023 at 10:58, Olle E. Johansson via sr-users < [email protected]> wrote: > Still digging through this. There are tools that can list your packages if > you install Linux packages, i.e. Debian. > But there are no tools that can parse your kamailio config to really see > what’s loaded and active. > > It all depends on what you want to do with the SBOM - if you want to check > for vulnerabilities, list licenses > or have a generic inventory. > > /O > > On 28 Sep 2023, at 09:41, Henning Westerholt via sr-users < > [email protected]> wrote: > > Hello, > > I think Olle was looking into that some month ago, maybe (when he reads > it) can share some of his research results if possible. > You can also find some of his articles e.g., on his linkedin page. > > Cheers, > > Henning > > -- > Henning Westerholt – https://skalatan.de/blog/ > Kamailio services – https://gilawa.com > > *From:* Ivan Ribakov via sr-users <[email protected]> > *Sent:* Mittwoch, 27. September 2023 21:11 > *To:* Kamailio (SER) - Users Mailing List <[email protected]> > *Cc:* Ivan Ribakov <[email protected]> > *Subject:* [SR-Users] Software bill of materials (SBOM) > > Any recommendations for a tool that can generate SBOM for a Kamailio > instance based on configured modules? > > Thanks, > Ivan > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > To unsubscribe send an email to [email protected] > Important: keep the mailing list in the recipients, do not reply only to > the sender! > Edit mailing list options or unsubscribe: > > > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > To unsubscribe send an email to [email protected] > Important: keep the mailing list in the recipients, do not reply only to > the sender! > Edit mailing list options or unsubscribe: >
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
