-
Notifications
You must be signed in to change notification settings - Fork 456
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: Enhance SBOM docs (fixes #2922) #3029
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, just a couple of spelling issues that need resolution.
doc/how_to_guides/sbom_generation.md
Outdated
@@ -0,0 +1,51 @@ | |||
# How do I use CVE Binary Tool to generate a SBOM? | |||
|
|||
The cve-bin-tool can be used to generate a software bill of materials (SBOM) file, which is a file that contains a list of all compoents detected by the scan in a standardized format. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The cve-bin-tool can be used to generate a software bill of materials (SBOM) file, which is a file that contains a list of all compoents detected by the scan in a standardized format. | |
The cve-bin-tool can be used to generate a software bill of materials (SBOM) file, which is a file that contains a list of all components detected by the scan in a standardized format. |
Minor typo. (hurray for spell check finding something useful!)
Generate a SPDX SBOM in TagValue format with the name sbom.spdx | ||
|
||
``` | ||
cve-bin-tool --sbom-type spdx --sbom-format tagvalue --sbom-output sbom.spdx |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like you'll need to add "tagvalue" to allow.txt . I guess only the capitalized version was added, since it wasn't caught above.
Signed-off-by: SergeyZ <sergey.i.zverev@intel.com>
Codecov Report
@@ Coverage Diff @@
## main #3029 +/- ##
==========================================
+ Coverage 79.49% 82.69% +3.20%
==========================================
Files 670 678 +8
Lines 10485 10674 +189
Branches 1218 1430 +212
==========================================
+ Hits 8335 8827 +492
+ Misses 1760 1479 -281
+ Partials 390 368 -22
Flags with carried forward coverage won't be shown. Click here to find out more. see 38 files with indirect coverage changes 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
Thanks @terriko for the hints! Spell check findings seem to be addressed in the second commit. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, thank you!
The changes to SBOM support documentation that are left over after hackathon event.