Merge remote-tracking branch 'origin/master'

CycloneDX · May 3, 2024 · 4941491 · 4941491
2 parents d3481a7 + f1f2d39
commit 4941491
Show file tree

Hide file tree

Showing 4 changed files with 100 additions and 0 deletions.
diff --git a/.github/workflows/pr_label_toolcenter.yml b/.github/workflows/pr_label_toolcenter.yml
@@ -0,0 +1,26 @@
+# see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
+name: PR Label ToolCenter
+on:
+  pull_request:
+    # see https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request
+    types:
+      - opened
+    branches: 
+      - 'master'
+    paths:
+      - '_data/tools.yml'
+permissions:
+  # see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
+  pull-requests: write
+jobs:
+  label_issues:
+    runs-on: ubuntu-latest
+    steps:
+      - name: label the PR
+        # see https://docs.github.com/en/actions/managing-issues-and-pull-requests/adding-labels-to-issues#creating-the-workflow
+        run: gh issue edit "$NUMBER" --add-label "$LABELS"
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GH_REPO: ${{ github.repository }}
+          NUMBER: ${{ github.event.pull_request.number }}
+          LABELS: 'tool-center'
diff --git a/CODEOWNERS b/CODEOWNERS
@@ -0,0 +1,5 @@
+# see https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
+
+# all Core Team members are default-reviewers of new pull requests.
+# see https://github.com/orgs/CycloneDX/teams/core-team
+*  @CycloneDX/core-team
diff --git a/_data/tools.yml b/_data/tools.yml
@@ -1868,3 +1868,44 @@
   - opensource
   - analysis
   - distribution
+- name: SUM Platform
+  publisher: Security Pattern
+  description: SBOM management and vulnerability monitoring platform for IoT and embedded systems. Show compliance to regulations and standards and manage risk across the entire product lifecycle.
+  websiteUrl: https://www.securitypattern.com/sumplatform
+  categories:
+  - proprietary
+  - analysis
+  - build-integration
+- name: SBOM Vendor Management
+  publisher: SettleTop, Inc.
+  description: Manage, assess, store and monitor all your vendor’s SBOMs in one secure, centralized dashboard to improve supply chain security.
+  websiteUrl: https://www.settletop.com/sbom
+  categories:
+  - proprietary
+  - analysis
+- name: Rollup Plugin SBOM
+  publisher: Jan Biasi
+  description: Creates CycloneDX SBOMs for frontend Javascript applications that have  been bundled with rollup or vite.
+  repoUrl: https://github.com/janbiasi/rollup-plugin-sbom
+  websiteUrl: https://github.com/janbiasi/rollup-plugin-sbom
+  categories:
+  - opensource
+  - build-integration
+- name: Product Security Hub (PSH)
+  publisher: Product Security Hub, LLC
+  description: Product Security Hub (PSH) is a cloud-based tool that provides capabilities to import, export, view, create, edit, and transform CycloneDX SBOMs and human-readable SBOMs, as well as view, add, and edit vulnerabilities as VEX data within CycloneDX SBOMs.
+  websiteUrl: https://www.ProductSecurityHub.com/
+  categories:
+  - proprietary
+  - analysis
+  - transform
+  - author
+- name: Surfactant
+  publisher: LLNL
+  description: A modular framework for extracting file information and relationships for filesystems, with an SBOM as the primary output. Also supports limited SBOM merging, editing, and conversion between formats. Several of the supported file types include PE (both native and .NET), ELF, and MSI files.
+  repoUrl: https://github.com/LLNL/Surfactant
+  websiteUrl: https://github.com/LLNL/Surfactant
+  categories:
+  - opensource
+  - transform
+  - library
diff --git a/about/working-groups/working-groups.json b/about/working-groups/working-groups.json
@@ -4404,5 +4404,33 @@
     "categories": [
       "contributors"
     ]
+  },
+  {
+    "displayName": "zkstchhh",
+    "lastName": "zkstchhh",
+    "headshot": "https://avatars.githubusercontent.com/u/165038306?v=4",
+    "organization": null,
+    "description": null,
+    "twitter": null,
+    "linkedin": null,
+    "github": "zkstchhh",
+    "homepage": "https://github.com/zkstchhh",
+    "categories": [
+      "contributors"
+    ]
+  },
+  {
+    "displayName": "XSpielinbox",
+    "lastName": "xspielinbox",
+    "headshot": "https://avatars.githubusercontent.com/u/55600187?v=4",
+    "organization": null,
+    "description": null,
+    "twitter": null,
+    "linkedin": null,
+    "github": "XSpielinbox",
+    "homepage": "https://github.com/XSpielinbox",
+    "categories": [
+      "contributors"
+    ]
   }
 ]