Yet another Linux and open source enthusiast @microsoft working in @Azure
- Seattle, WA
- http://jmp.soy
- @bureado
Highlights
Block or Report
Block or report bureado
Report abuse
Contact GitHub support about this user’s behavior. Learn more about reporting abuse.
Report abusePinned
-
1
# Post-modern Linux packaging: additional reading
23## Summary
45This document compiles 2018 coverage around post-modern packaging technologies for Linux, including packaging formats like Snaps and Flatpaks, systems like Nix and Guix and full distros such as Atomic or Clear Linux.
-
1
# Conceptual SBOM model for an APT-based Linux distribution
23This is a draft of an entirely exploratory learning exercise to generate SBOMs from first principles that can accompany an APT-based Linux distribution, which in this context is either a disk or a container image obtained from any source including runtime instances, packaged images, debootstraps, etc. Input and comments welcome: [Twitter](https://twitter.com/bureado) and also on the CNCF, CycloneDX, CDF, Sigstore and other Slacks.
45## Status
-
Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.
-
A compilation of resources in the software supply chain security domain, with emphasis on open source