[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Analysis of SPDX compatibility with current SBOM proposal

Thanks Philippe – having these organized in a table really helps.


BTW – the generated 3T-SBOM-EMS file on the Google Drive looks like it may be an old version.  The modification history in Google Docs doesn’t show any change, but a number of the issues I have identified seem to have been resolved, but the document now appears inconsistent with some of the diagrams (e.g. https://drive.google.com/drive/u/1/folders/1q9v4y6MJBagQn42DMIqwSKU6lerrKWCj).  I’m working from the word doc downloaded from the Git repository: https://github.com/cdfoundation/sig-security-sbom/blob/master/modeling/generated_3T-SBOM-EMS.docx


BTW – from a quick glance, the version that is on Google docs does not have many of the issues identified in my analysis.


I’ll go through my old analysis and move them over to the sheet or add issues to the git repo.





From: Philippe-Emmanuel Douziech
Sent: Thursday, January 9, 2020 12:06 AM
To: 0in 0in 0in'>

From: Philippe-Emmanuel Douziech
Sent: lundi 6 janvier 2020 08:34
To: Gary O'Neall <


Hello and a happy successful 2020 to all!

From: Gary O'Neall <Sent: samedi 4 janvier 2020 01:53