A writeup of my talk about the dependency-management-data project at the State of Open Con 2024 conference.
How to improve the data in GitHub's Dependency Graph by uploading an SBOM produced from Renovate data.
Hey, do you know about supply chain security? ... You mean SBOMs?
Creating a new command-line tool for more easily retrieving Software Bill of Materials (SBOMs) from Snyk, as well as adding licensing information to SBOMs.
How to get started with npm's SBOM export functionality with dependency-management-data.
Creating a new command-line tool for converting Renovate data exports to Software Bill of Materials (SBOMs).
Why I think dependency scanning tooling should be providing as much data as possible about scanned projects, to allow other tooling to make better inferences about the data.
What is curl? curl is an open source command line tool and embeddable library for transferring data over a network.
How to take advantage of SBOM export functionality in GitLab 16.4 with dependency-management-data.
Announcing improved support for Dependabot and support for Software Bill of Materials (SBOMs).
Why you should use GitHub's Software Bill of Materials API instead of the Dependency Graph GraphQL API.
An SBOM is an inventory of all of the software components you utilize in your applications, made up of third-party open source libraries, vendor-provided packages, and first-party artifacts.
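To make the "inventory" concrete, here is an added example (not code from the original page or from the dependency-management-data project) that reads a CycloneDX JSON SBOM and splits it into the three categories above. The sample SBOM is constructed inline; the first-party artifact is taken from `metadata.component`, third-party libraries are grouped by the ecosystem in their Package URL (purl), components with no purl are flagged as likely vendor-provided packages that tooling cannot look up, and any `dependencies` reference that does not resolve to a `bom-ref` in the document is reported as dangling. The function names (`load_sbom`, `inventory`, `purl_type`) are this example's own, not an API of any tool.

```python
import json
from collections import defaultdict

# Constructed sample CycloneDX 1.5 SBOM; not taken from any real project.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "version": 1,
    "metadata": {
        "component": {
            "type": "application",
            "name": "example-service",
            "version": "1.4.0",
            "bom-ref": "pkg:npm/example-service@1.4.0",
        }
    },
    "components": [
        {"type": "library", "name": "lodash", "version": "4.17.21",
         "purl": "pkg:npm/lodash@4.17.21", "bom-ref": "pkg:npm/lodash@4.17.21"},
        {"type": "library", "group": "org.apache.commons", "name": "commons-lang3",
         "version": "3.14.0",
         "purl": "pkg:maven/org.apache.commons/commons-lang3@3.14.0",
         "bom-ref": "pkg:maven/org.apache.commons/commons-lang3@3.14.0"},
        # A vendor-supplied SDK with no purl: nothing downstream can resolve it.
        {"type": "library", "name": "vendor-sdk", "version": "3.0.0",
         "bom-ref": "vendor-sdk-3.0.0"},
    ],
    "dependencies": [
        {"ref": "pkg:npm/example-service@1.4.0",
         "dependsOn": ["pkg:npm/lodash@4.17.21",
                       "pkg:maven/org.apache.commons/commons-lang3@3.14.0",
                       # Deliberately dangling: no component carries this bom-ref.
                       "pkg:npm/missing@1.0.0"]},
    ],
})


def load_sbom(text: str) -> dict:
    """Parse JSON and refuse anything that is not a CycloneDX document."""
    sbom = json.loads(text)
    if sbom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX SBOM: bomFormat=%r" % sbom.get("bomFormat"))
    return sbom


def purl_type(purl: str) -> str:
    """Return the ecosystem part of a purl, e.g. 'npm' from 'pkg:npm/lodash@4.17.21'."""
    scheme, rest = purl.split(":", 1)
    if scheme != "pkg":
        raise ValueError("unexpected purl scheme: %r" % scheme)
    return rest.split("/", 1)[0]


def coordinate(component: dict) -> str:
    """Human-readable group/name@version for a component."""
    name = component["name"]
    if component.get("group"):
        name = component["group"] + "/" + name
    return "%s@%s" % (name, component.get("version", "?"))


def inventory(sbom: dict) -> dict:
    """Split the SBOM into first-party, third-party (by ecosystem), purl-less
    components, and dependency references that resolve to nothing."""
    result = {
        "first_party": [],
        "third_party": defaultdict(list),
        "without_purl": [],
        "dangling_refs": [],
    }
    known_refs = set()

    root = sbom.get("metadata", {}).get("component")
    if root:
        result["first_party"].append(coordinate(root))
        if root.get("bom-ref"):
            known_refs.add(root["bom-ref"])

    for comp in sbom.get("components", []):
        if comp.get("bom-ref"):
            known_refs.add(comp["bom-ref"])
        purl = comp.get("purl")
        if purl:
            result["third_party"][purl_type(purl)].append(coordinate(comp))
        else:
            result["without_purl"].append(coordinate(comp))

    # Every ref in the dependency graph must point at a declared component.
    dangling = set()
    for dep in sbom.get("dependencies", []):
        for ref in [dep.get("ref")] + dep.get("dependsOn", []):
            if ref and ref not in known_refs:
                dangling.add(ref)
    result["dangling_refs"] = sorted(dangling)
    result["third_party"] = dict(result["third_party"])
    return result


if __name__ == "__main__":
    print(json.dumps(inventory(load_sbom(SAMPLE_SBOM)), indent=2))
```

The two checks at the end are the ones worth running on any SBOM before feeding it to other tooling: a component without a purl cannot be matched against advisory databases or license data, and a dangling `dependsOn` reference means the dependency graph and the component list were produced inconsistently.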