You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Valid SBOMs can have a range of issues; missing pURLs, missing or invalid licenses, or just 'garbage' data. Ingesting such SBOMs can often lead to surprising results which we should minimally at least be able to report on.
Existing reporting should be improved to be able to 'score' an SBOM's quality and make explicit so end users can assess risk properly.
Towards this goal - developing a small, focused utility that we can consider adding as a dep to trustify.
The text was updated successfully, but these errors were encountered:
Valid SBOMs can have a range of issues; missing pURLs, missing or invalid licenses, or just 'garbage' data. Ingesting such SBOMs can often lead to surprising results which we should minimally at least be able to report on.
Existing reporting should be improved to be able to 'score' an SBOM's quality and make explicit so end users can assess risk properly.
Towards this goal - developing a small, focused utility that we can consider adding as a dep to trustify.
The text was updated successfully, but these errors were encountered: