davsclaus commented on issue #1679: URL: https://github.com/apache/camel-website/issues/1679#issuecomment-4771568345
Blog post added: "SBOMs Are Becoming a Requirement — Apache Camel Already Ships and Supports Them" Covers all five suggested sections: 1. What is an SBOM and the regulatory landscape (EU CRA, US EO 14028) 2. What Camel ships (signed CycloneDX SBOMs since 4.0.3) 3. Generating SBOMs per runtime — Camel CLI (`camel sbom`), Spring Boot (built-in 3.3+ support), Quarkus (native `quarkus-cyclonedx` extension) 4. Combining SBOMs with vulnerability scanners (Dependency-Track, Grype, Trivy) 5. Links to trust page, security advisories, dependency update track record, and security model Also updated the `sbom.adoc` manual page in apache/camel with the correct per-runtime guidance. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
