-
-
Notifications
You must be signed in to change notification settings - Fork 78
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BOM should include Framework Components #836
Comments
Basically waiting for the outcome of this: |
This would be really useful, because now it is kinda difficult to monitor vulnerabilities in the framework itself. |
@mtsfoni As nuspec provides the framework dependence needed by the package & I wouldn't want to lose that association information. Could we as a first step add those dependencies as an optional component. Reason I am wanting to go down this path as when an application is published as trimmed + self contained those dependencies become required. We could Potentially have an argument able to be passed to the tool to signify compilation mode ie dependent, self contained or trimmed which alters the scope of the dependencies. |
This issue is stale because it has been open for 3 months with no activity. |
The BOM generated by the tool should also include:
The text was updated successfully, but these errors were encountered: