Sbomasm

Hey SBOM enthusiasts 👋, These are common challenges faced by all SBOM authors. How can fields such as “NOASSERTION”, “NONE” be filled at a scale ? This issue is widespread because SBOM generation tools often have gaps and limitation. I do not blame any tool for this; it is beyond their capability, as these tools are primarily design to capture the dependencies of a software. SBOM generation depends on various factors, such as the programming language, the package manager used, the type of SBOM build( source build, build time or post build) and the information provided by the software author on their site. ...

Hey SBOM enthusiasts 👋, we all know by now — SBOMs aren’t optional anymore. They’ve become a standard part of the software supply chain, and there’s a lot you can do with them: augmenting, enriching, editing, validating… the list keeps growing. But here’s the thing — while adding and improving data in SBOMs gets most of the attention, sometimes the real power comes from removing what you don’t need. Maybe it’s for privacy, maybe for cleanup, maybe to keep your SBOM lean before sharing it. ...