🧾
Generate a software bill of materials
What went into making your software, besides swearing and broken deadlines?
We need to understand what our software is composed of—this is called "software composition analysis" (SCA).
For certain cases (such as regulated industries) this is extremely important, down to the requirement of knowing each and every dependency and what they themselves are built out of... For our case, though, we are creating the SBOM to understand at "face value" what software (and risks) we are bundling together.
Last modified 1yr ago