y the only open source option available that reports CVE’s
at the SBOM component level, to my knowledge.
Thanks,
Dick Brooks
<https://reliableenergyanalytics.com/products> Never trust software, always
verify and report! ™
<http://www.reliableenergyanalyti
in> might be a useful
plugin to propose for generating the SBOM as part of our standard release
process. I do think it's a good idea, but this topic should be discussed in
our public list and not on the private list.
--
Matt Sicker
On Dec 19, 2021, at 12:48
