Published some early validation results from my "SBOM for #Python packages" project. ...

2024-11-14 20:02:24 UTC

Published some early validation results from my "SBOM for #Python packages" project. TLDR: I forked auditwheel and added some rudimentary SBOM record-keeping for bundled libraries and showed that today's SCA tools are able to use that information out-of-the-box. Full instructions and work in the post:

https://sethmlarson.dev/early-promising-results-with-sboms-and-python-packages

Author Public Key

npub1xhwh40lc054jjcw69d3tl77a32gtj29katwyl5xvq4kxjv8ytxaqgx9evl

Seen on

wss://relay.momostr.pink

Show more details

Seth Larson on Nostr: Published some early validation results from my "SBOM for #Python packages" project. ...