Quantifying your reliance on Open Source software (State of Open Con version) (20 mins read).
A writeup of my talk about the dependency-management-data project at the State of Open Con 2024 conference.
by 
Jamie Tanna
.
#dependency-management-data
#public-speaking
#state-of-open-con
#soocon24
#open-source
#free-software
#sbom.
Using renovate-to-sbom with the GitHub Dependency Submission API (4 mins read).
How to improve the data in GitHub's Dependency Graph by using an SBOM produced by Renovate data.
by Jamie Tanna
.
#dependency-management-data
#renovate
#sbom
#github.
Hey, do you know about supply chain security? ... You mean SBOMs?
Introducing snyk-export-sbom to export SPDX and CycloneDX SBOM from Snyk (2 mins read).
Creating a new command-line tool for more easily retrieving Software Bill of Materials (SBOMs) from Snyk, as well as adding licensing information to SBOMs.
by Jamie Tanna
.
#sbom
#snyk.
Using dependency-management-data with npm's SPDX and CycloneDX SBOM export functionality (1 mins read).
How to get started with npm's SBOM export functionality with dependency-management-data.
Introducing renovate-to-sbom to convert Renovate data to Software Bill of Materials (SBOMs) (1 mins read).
Creating a new command-line tool for converting Renovate data exports to Software Bill of Materials (SBOMs).
by Jamie Tanna
.
#dependency-management-data
#renovate
#sbom.
Plea to Software Composition Analysis (SCA) providers and Software Bill of Materials (SBOMs) producers: give us more data! (2 mins read).
Why I think dependency scanning tooling should be providing as much data as possible about scanned projects, to allow other tooling to make better inferences about the data.
by Jamie Tanna
.
#sbom
#dependency-management-data
#persuasive.
New cookbook on the #DependencyManagementData documentation site: Getting Started with SBOM data
What is curl? curl is an open source command line tool and embeddable library for transferring data over a network.
by Jamie Tanna
.
#security
#curl
#sbom.
This blog post will explore why sharing SBOMs is vital for software transparency and discuss how to generate SBOMs using sbom.sh efficiently.
by Jamie Tanna
.
#sbom.
Using dependency-management-data with GitLab's Pipeline-specific CycloneDX SBOM exports (1 mins read).
How to take advantage of SBOM export functionality in GitLab 16.4 with dependency-management-data.
dependency-management-data now supports Software Bill of Materials (SBOMs) and has better Dependabot support (2 mins read).
Announcing improved support for Dependabot and support for Software Bill of Materials (SBOMs).
Prefer using the GitHub Software Bill of Materials (SBOMs) API over the Dependency Graph GraphQL API (2 mins read).
Why you should use GitHub's Software Bill of Materials API instead of the Dependency Graph GraphQL API.
Everything you need to know about securing the software supply chain.
by Jamie Tanna
.
#sbom.
An SBOM is an inventory of all of the software components you utilize in your applications, made up of third-party open source libraries, vendor provided packages, and first-party artifacts
by Jamie Tanna
.
#sbom.
You're currently viewing page 1 of 1, of 15 posts.