EPIC: Extend SBOM "formulation" to allow correct recipe for re-making... #3747
Labels
compatibility
Issues that relate to how our code works with other third party code bases
enhancement
Issues that enhance the code or documentation of the repo in any way
epic
Issues that are large and likely multi-layered features or refactors
reproducible-build
Sbom
issue relate to work of sbom
Comments
andrew-m-leonard
added
enhancement
github-actions
bot
added
the
compatibility
andrew-m-leonard
added
Sbom
github-actions
bot
added
the
compatibility
andrew-m-leonard
added
the
epic
andrew-m-leonard
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The intention of the CycloneDX "formulation" is to provide a "recipe" for "re-making" the exact same build.
As it currently stands the SBOM formulation section contains strace analysis listing of packages & tooling dependencies used in the original build. We need to add a new section for a "recipe" that provides the exact "configure & make" commands along with how to create a "compatible" environment to re-build an identical build.
The text was updated successfully, but these errors were encountered: