Steve Winslow
Type devroom
Generating SPDX documents for CMake and Zephyr
Starts on day 2 (2021-02-07) at 15:35 (Brussels time, UTC+1) in room Composition (duration 00:15)
Matrix room #composition:fosdem.org
A Software Bill of Materials (SBoM) can communicate details about a software package's contents, as well as the inputs and sources that were used to build it. However, SBoMs created by manual processes can often be incomplete, incorrect or out-of-date as a software package evolves. Effective use of SBoMs will typically require creating them during the build process itself using automated tooling. In this talk, I will present a proof-of-concept for generating an SPDX SBoM for CMake-based projects.
=> FOSDEM schedule page This content has been proxied by September (3851b).Proxy Information
text/gemini; lang=en