Scans Software Bill of Materials (SBOMs) for security vulnerabilities
Updated May 13, 2024 - Go
Example GoReleaser + GitHub Actions config with keyless signing and SBOM generation
A demonstration of how GoReleaser can help us make the software supply chain more secure by using a bunch of tools such as cosign, syft, grype, and slsa-provenance
First part of a small tool series. The task of the tool series is to scan a project for its dependencies, convert them to a usable format, fetch metadata for these packages and generate an OTS/FOSS document. This tool converts any SBOM output to an output format defined by me