From: | Кристина Валентей <klsst1nv0(at)gmail(dot)com> |
---|---|
To: | Julian Coccia <julian(dot)coccia(at)scanoss(dot)com> |
Cc: | "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org> |
Subject: | Re: Software Bill of Materials (SBOM) |
Date: | 2024-01-15 18:34:43 |
Message-ID: | CAAnBbHFAPvUPdMSRehL3ACEa+H0xrTMuT7GdV2gkdpz6XcRhxg@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
thank you Julian for your answer.
SCANOSS is very good, but it is probably not suitable for searching
external libraries that POSTGRESQL uses.
Therefore, I again ask you to tell me if there is a ready-made SBOM file
for project POSTGRESQL, or a tool that can create it based on the source
code C
сб, 13 янв. 2024 г. в 14:10, Julian Coccia <julian(dot)coccia(at)scanoss(dot)com>:
> Hi Cristina,
>
>
>
> Have you tried SCANOSS?
>
>
>
> To install:
>
> pip3 install scanoss
>
>
>
> To generate your SBOM (SPDX lite):
>
> scanoss-py scan --format spdxlite DIRECTORY/
>
>
>
> Alternatively, in CycloneDX format instead:
>
> scanoss-py scan --format cyclonedx DIRECTORY/
>
>
> Hope this helps.
>
>
>
> Regards,
>
> Julian
>
>
>
> *From: *Кристина Валентей <klsst1nv0(at)gmail(dot)com>
> *Date: *Saturday, 13 January 2024 at 12:03
> *To: *pgsql-general(at)lists(dot)postgresql(dot)org <
> pgsql-general(at)lists(dot)postgresql(dot)org>
> *Subject: *Software Bill of Materials (SBOM)
>
> Good afternoon.
> I'm looking for a way to build sbom files for assembly postgresql, to
> perform software composition analysis (SCA).
>
> Please, tell me how can I do this?
>
> Thank you.
>
From | Date | Subject | |
---|---|---|---|
Next Message | Eyüp Liste | 2024-01-15 19:03:47 | RE: data migration using EXTENSION tds_fdw |
Previous Message | Adrian Klaver | 2024-01-15 17:35:19 | Re: Unable to find column |