Hacker News new | past | comments | ask | show | jobs | submit login

I think CycloneDX [1] is the go-to SBOM specification these days.

[1] https://cyclonedx.org/




I was just digging into Cloud Native Buildpacks (buildpacks.io) as an alternative to Dockerfiles yesterday and realised that they actually have SBOM generation built into them for popular languages which is a really nice easy security infrastructure upgrade for everyone using them.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: