Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Collect and publish SPDX SBOM data for EdgeX releases #4173

Closed
bnevis-i opened this issue Sep 29, 2022 · 0 comments · Fixed by #4339
Closed

Collect and publish SPDX SBOM data for EdgeX releases #4173

bnevis-i opened this issue Sep 29, 2022 · 0 comments · Fixed by #4339
Assignees
@jim-wang-intel
Labels
enhancement New feature or request security_audit Track issues that are related to CVE/CVSS/CWE auditing etc
Milestone
Minnesota

Comments

@bnevis-i
Copy link
Collaborator

bnevis-i commented Sep 29, 2022
edited
Loading

🚀 Feature Request

Relevant Package [REQUIRED]

All packages

Description [REQUIRED]

In order to help companies comply with US Executive Order (EO) 14028, Improving the Nation’s Cybersecurity (May 12, 2021), the EdgeX Foundry project should generate SBOM artifacts in the SPBX SBOM format.

References:

This repo has a good index of existing tools:
@bnevis-i bnevis-i added enhancement New feature or request security_audit Track issues that are related to CVE/CVSS/CWE auditing etc labels Sep 29, 2022
@bnevis-i bnevis-i added this to the Minnesota milestone Nov 17, 2022
jim-wang-intel added a commit to jim-wang-intel/edgex-go that referenced this issue Feb 9, 2023
@jim-wang-intel
feat: generate spdx sbom and add Makefile target for sbom generation
f2f86e7 
Closes: edgexfoundry#4173

Signed-off-by: Jim Wang <[email protected]>
@jim-wang-intel jim-wang-intel mentioned this issue Feb 9, 2023
Merged
3 tasks
jim-wang-intel added a commit to jim-wang-intel/edgex-go that referenced this issue Mar 9, 2023
@jim-wang-intel
feat: generate spdx sbom and add Makefile target for sbom generation
00896d0 
Closes: edgexfoundry#4173

Signed-off-by: Jim Wang <[email protected]>
bnevis-i pushed a commit that referenced this issue Mar 10, 2023
@jim-wang-intel
feat: generate spdx sbom and add Makefile target for sbom generation (#…
da675bb 
…4339)

Closes: #4173

Signed-off-by: Jim Wang <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jim-wang-intel jim-wang-intel

Labels
enhancement New feature or request security_audit Track issues that are related to CVE/CVSS/CWE auditing etc
Projects
None yet
Milestone
Minnesota
Development

Successfully merging a pull request may close this issue.

feat: generate spdx sbom and add Makefile target for sbom generation jim-wang-intel/edgex-go
2 participants
@bnevis-i @jim-wang-intel