-
Notifications
You must be signed in to change notification settings - Fork 91
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enrich an SBOM using OSSF Security Score Card #598
Comments
We should implement this as a new pipeline. The enrich data can be included in the exports when available. |
I am interested to work on this issue as part of the GSoC program 2023, how can I get more involved in the project? |
404-geek
referenced
this issue
in 404-geek/scancode.io
Jun 26, 2024
developed functions to check for availability nexB#598 Signed-off-by: 404-geek <pranayd61@gmail.com>
Closed
404-geek
referenced
this issue
in 404-geek/scancode.io
Jun 26, 2024
Signed-off-by: 404-geek <pranayd61@gmail.com>
404-geek
referenced
this issue
in 404-geek/scancode.io
Jun 26, 2024
Signed-off-by: 404-geek <pranayd61@gmail.com>
404-geek
referenced
this issue
in 404-geek/scancode.io
Jul 7, 2024
… nexB#598 Signed-off-by: 404-geek <pranayd61@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
From @pombredanne
We already have SBOM export (and import) options in scancode.io supporting SPDX and CycloneDX
SBOMs, and we can enrich this data using the public https://github.com/ossf/scorecard#public-data
or the RestAPI at: https://api.securityscorecards.dev/.
The text was updated successfully, but these errors were encountered: