Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Add SBOM to releases #500

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 8 commits into from
Sep 25, 2021
Merged

Add SBOM to releases #500

merged 8 commits into from
Sep 25, 2021

Conversation

@kzantow
Copy link
Contributor

@kzantow kzantow commented Sep 10, 2021
edited
Loading

This will automatically create an SBOM (using the sbom-action version of Syft) during the release phase and add it as a release artifact with the name sbom.spdx.json. See: anchore/sbom-action#70 for more information.

@kzantow kzantow changed the title [WiP] Add release SBOM generation Add release SBOM generation Sep 24, 2021
@kzantow kzantow changed the title Add release SBOM generation Add SBOM to releases Sep 24, 2021
@kzantow kzantow mentioned this pull request Sep 24, 2021
Closed
@kzantow kzantow requested a review from a team September 24, 2021 16:28
@kzantow
update sbom-action version
d5461dd 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow kzantow merged commit e5caba0 into anchore:main Sep 25, 2021
@kzantow kzantow deleted the add-sbom-action branch September 25, 2021 00:21
spiffcs added a commit that referenced this pull request Sep 30, 2021
@spiffcs
Merge branch 'main' into 460-debian-license-upgrade
0095f69 
* main:
  Add vendor + product known good CPE field values (#517)
  Add SBOM to releases (#500)
  Add announcement for KubeCon meetup (#515)
  Prevent invalid CPE field values (#514)
  Filter out CPE product candidates that are asterisks (#513)
  Use Anchore fork of packageurl lib without replace directive (#512)
  update log file permissions to 0644 (#511)

Signed-off-by: Christopher Angelo Phillips <[email protected]>
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@kzantow
Add SBOM to releases (anchore#500)
baf830e 
Signed-off-by: Keith Zantow <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@luhring luhring luhring approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kzantow @luhring