Hackernews posts about SBOMs

  1. Opinionated GitHub Action for generating high-quality SBOMs (github.com)
    2 points by todsacerdoti 24 days ago | discuss
  2. Show HN: DepGuard – Local dependency audit and license compliance (10 pkg mgrs) (github.com)
    2 points by suhteevah 7 days ago | discuss
  3. Show HN: SBoM dashboard that pulls from GitHub release assets (sbom.kftray.app)
    2 points by hcavarsan 22 days ago | discuss
  4. Show HN: MCP to get latest dependency package and tool versions (github.com)
    1 points by mshekow 15 days ago | discuss
  5. Codenotary's Free SBoM Service Tackles the AI Software Supply Chain (devops.com)
    2 points by CrankyBear 26 days ago | discuss
  6. Show HN: SBOMHub – Open-source SBoM dashboard with CVE tracking (github.com)
    1 points by y1uda 21 days ago | discuss
  7. The Lesser Evil of Compliance: Enterprise SBoM Strategy for CRA Readiness (nesbitt.io)
    1 points by lifeisstillgood 22 days ago | discuss
  8. SBOM as Messaging System (latedeployment.github.io)
    1 points by elegantgate 24 days ago | discuss
  9. Show HN: I built a visual node system for CI/CD that supports GitHub Actions (www.actionforge.dev)
    18 points by sebastian_io 12 days ago | discuss
  10. Trump Administration Rescinds Biden-Era Software Guidance (www.darkreading.com)
    8 points by weinzierl 22 days ago | discuss
  11. Show HN: Craftplan – I built my wife a production management tool for her bakery (github.com)
    577 points by deofoo 21 days ago | 167 comments
  12. Show HN: Craftplan – Elixir-based micro-ERP for small-scale manufacturers (puemos.github.io)
    22 points by deofoo 19 days ago | 4 comments
  13. Yocto, RockPi and SBOMs: Building modern embedded Linux images (vpetersson.com)
    161 points by mvip about 1 year ago | 123 comments
  14. Could lockfiles just be SBOMs? (nesbitt.io)
    77 points by zdw 2 months ago | 62 comments
  15. SBOMs Remain, Attestations Out – Amendments to Executive Order 14144 (rearmhq.com)
    11 points by taleodor 9 months ago | discuss
  16. Determinate Secure Packages: Nixpkgs with SBOMs, FIPS, and SLA'd CVE Patching (determinate.systems)
    5 points by grhmc about 1 month ago | 1 comments
  17. SBOMs for Medical Devices (2023) (danacrane.medium.com)
    4 points by mooreds 8 months ago | discuss
  18. Show HN: Xbom – Generate AI and SaaS-Aware SBOMs from Code Using Static Analysis (github.com)
    3 points by abhisek 8 months ago | discuss
  19. C SBOMs, and how pkgconf can solve this problem (ariadne.space)
    3 points by todsacerdoti about 1 year ago | discuss
  20. Why Most SBOMs Fail and What to Do About It (ovalenzuela.com)
    2 points by Tomte 8 months ago | discuss
  21. Socket Joins TC54 to Help Shape the Future of SBOMs, CycloneDX, and PURL (socket.dev)
    2 points by feross about 1 year ago | discuss
  22. Firmware SBoMs for open source projects (blogs.gnome.org)
    2 points by JNRowe over 1 year ago | discuss
  23. Show HN: Pre-alpha tool for analyzing spdx SBOMs generated by GitHub (github.com)
    2 points by mnahkies almost 2 years ago | discuss
  24. Show HN: Hatch v1.16.0 – workspaces, dependency groups and SBOMs (hatch.pypa.io)
    1 points by ofek 3 months ago | 1 comments
  25. Show HN: Manage SBOMs like source code (github.com)
    1 points by miraculixx over 1 year ago | 1 comments
  26. Show HN: Firmware GRC tool that generates OSCAL and SBOMs for 122 controls (www.usenabla.com)
    1 points by jdbohrman 5 months ago | discuss
  27. Beyond SBOMs: The Real Gaps in Software Supply Chain Transparency
    1 points by scanosss 6 months ago | discuss
  28. Using SBOMs to detect possible Dependency Confusion (protsenko.dev)
    1 points by protsenko 7 months ago | discuss
  29. Bringing Together SBOMs and Advisories (github.com)
    1 points by giamma 8 months ago | discuss
  30. Rust Will Explode, SBOMs Will Be Duds: Open-Source Predictions (thenewstack.io)
    1 points by gpi about 1 year ago | discuss
  31. Comprehensive Guide to Generating and Understanding SBOMs with Docker and Djang (sbomify.com)
    1 points by todsacerdoti over 1 year ago | discuss
  32. Show HN: CLI that spots fake GitHub stars, risky dependencies and licence traps (github.com)
    122 points by artski 10 months ago | 72 comments
  33. Show HN: SecureBuild – Zero-CVE Images That Pay OSS Projects (securebuild.com)
    40 points by grantlmiller 8 months ago | 17 comments
  34. Show HN: I'm building a simple way to package, collaborate, and deploy ML models (kitops.ml)
    9 points by jesserwilliams almost 2 years ago | discuss
  35. Show HN: GemGuard: Ruby gem to scan and auto-fix vulnerable dependencies (github.com)
    3 points by wilburhimself 7 months ago | discuss
  36. Scanoss GitHub Actions Adds Dependency Track Integration
    2 points by scanosss 5 months ago | discuss
  37. Show HN: GemGuard: Ruby gem to scan and auto-fix vulnerable dependencies (github.com)
    2 points by wilburhimself 6 months ago | discuss
  38. Opentemplate – FOSS Python template –> ease, security, SOTA tooling (github.com)
    2 points by opennudge 8 months ago | discuss
  39. Show HN: SCANOSS Now Scans Container Images
    2 points by scanosss 9 months ago | discuss
  40. Show HN: Open-Source Security Monitoring with AI and License Compliance
    1 points by daudmalik06 about 1 year ago | 1 comments
  41. Scanoss Workbench v1.19.0 – new import/export options, viewer mode, SPDX Lite
    1 points by scanosss 6 months ago | discuss
  42. Show HN: Parent Docker Image Transparency And Daily Pull Request Compliance (github.com)
    1 points by kcrane3576 over 1 year ago | discuss