You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Based on the Open SSF SBOM Naming recommendations (draft at this point), there should be separate SBOM's for the binary artifacts and the source artifacts.
We currently include the source information and the build information in the same SBOM as the source.
One thought is to have 3 SBOM - consolidated, source only, build only.
The text was updated successfully, but these errors were encountered:
Based on the Open SSF SBOM Naming recommendations (draft at this point), there should be separate SBOM's for the binary artifacts and the source artifacts.
We currently include the source information and the build information in the same SBOM as the source.
One thought is to have 3 SBOM - consolidated, source only, build only.
The text was updated successfully, but these errors were encountered: