Open Source Security

By Josh Bressers

Package identifiers are really hard

Episode length: 31 min

Published January 07, 2024 6:00pm

Josh and Kurt talk about package identifiers. We break this down in the context of an OpenSSF response to a CISA paper on software identifications. The identifiers that get all the air time are purl, CPE, SWID, and OmniBOR. This is a surprisingly complex problem space. It feels easy, but it's not.

Show Notes: OpenSSF CISA response, purl, CPE, OmniBOR, SWID
