Updating an existing SBOM? #308
Replies: 1 comment 2 replies
-
|
Updating and existing SBOM in JSON/XML format would start with reading ans SBOM, going through de-serializing and de-normalizing to having a SBOM data model that can be altered, so that this modified result can be put to JSON/XML later. |
Beta Was this translation helpful? Give feedback.
-
|
Hi @jkowalleck, and thanks for your quick response! I should have looked around a bit more before asking, but I guess your answer makes it crystal clear to anybody wondering the same as me. There's no rush on our side as we are now starting our work on SBOM generation. Thanks! |
Beta Was this translation helpful? Give feedback.
-
|
:-D feedback or discussions from downstream users of the library are highly appreciated. |
Beta Was this translation helpful? Give feedback.
-
First of all, thanks for providing such library. It works great, documentation is neat and saved our lives in the duty of tackling our approach to implement SBOM in the AlmaLinux Build System (from where we build AlmaLinux OS).
This is more a question rather than an issue and please, forgive me if it's a stupid question, but I'm pretty new to SBOM and I felt that before designing our workflow, it was worth asking here (maybe this is not even the right place to ask?).
So far, we're already generating SBOMs of some of the artifacts that the Build System creates. Since these artifacts can change over time, we were wondering what is the right approach to update an existing SBOM since I couldn't find anything relevant or any "good practices" on the subject. I tried to set the version field when generating a new BOM, but so far, it ends up being a new field called ersion.
Other than that, technically, it shouldn't be that difficult, we can store our generated SBOMs somewhere and then use these files to take the relevant serialNumber and increase the version manually, but still, we would like to know your thoughts on this.
Thanks again,
Javi
Beta Was this translation helpful? Give feedback.
All reactions