Standardize output of bomber as VDR output #114
Assignees
Labels
Milestone
Comments
|
This is going to be a strange one. We may be able to get a bit of lift out of this, but VEX has a lot of context needed around it that possibly can't be easily automated. |
|
I jus started hacking on this, specifically to produce a CycloneDX VDR and have the basics working. What I'm missing is the BOMRef information. I note Package has a Reference property but this isn't currently populated? Any thoughts on populating that? I wanted to check before I take a run at it, as it's a bit into the internals vs just writing a rendered. |
|
Hey @garethr i need to get notifications of messages turned on. I started down the road on a branch, do you have a link to what you've been working on? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Investigate bomber loading a CycloneDX formatted SBOM and output the same file enriched with vulnerability information.
The text was updated successfully, but these errors were encountered: