Skip to content

v0.1.1
Compare
Choose a tag to compare
@github-actions github-actions released this 21 Dec 18:45
· 95 commits to main since this release
v0.1.1
0df025c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Grant – License information is just an SBOM away v0.1.0

Grant is a new tool from the Anchore team that can view and check licenses from a given software bill of material.

Features

  • Users can supply an SBOM to grant and obtain a license violation report
  • Grant also can take an image or directory input, generate an SBOM, and then use those results as part of the license check.
  • list all the licenses found for a given container image or directory
  • Grant also has the ability to recognize licenses passed to it as a part of its input.
  • Given some text, grant can recognize a license and compare it to the provided configuration along with the SBOM or other supplied containers
  • Licenses are checked against the SPDX license list found here: https://spdx.org/licenses/.

Additional Changes

  • chore: update automatic release flow for v0.1.1 release [#29 @spiffcs]
  • chore: update code static analysis path [#27 @spiffcs]

(Full Changelog)

Contributors

spiffcs
Assets 7
Loading