Mike Jumper created GUACAMOLE-2082:
--------------------------------------
Summary: Produce SBOMs in addition to LICENSE files
Key: GUACAMOLE-2082
URL: https://issues.apache.org/jira/browse/GUACAMOLE-2082
Project: Guacamole
Issue Type: Wish
Components: guacamole-client
Reporter: Mike Jumper
The {{guacamole-client}} project and various subprojects currently autogenerate
a {{LICENSE}} file containing not only the license applying specifically to the
software we produce, but also the licenses that apply to all bundled software
(see
[{{doc/licenses/generate-license-files.sh}}|https://github.com/apache/guacamole-client/blob/82762fade3a17f4d90d780f2a7a1e4c41da6d095/doc/licenses/generate-license-files.sh]).
This is done only for {{guacamole-client}}, because only {{guacamole-client}}
bundles software in the resulting binaries.
As these {{LICENSE}} files are meant to be human-readable and are not
necessarily easy to audit automatically, we should consider also producing
machine-readable {{SBOM}} files that contain the same information.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
