Replies: 1 comment
@prabhu, I believe it is inevitable for DT to support multiple documents. Thanks for bringing this up. We will be brainstorming this.
We recently added support for working with multiple BOMs per project in the upcoming depscan v6 and are seeing some solid improvements in the quality of results, especially with prioritisation of vulnerabilities and VEX generation. Plus, to create multiple BOMs based on project types, lifecycles, techniques, the caller could utilise a combination of BOM engines, which can improve the overall precision rather than relying on a single tool to generate an aggregate BOM.
This repo on Hugging Face includes a sample dataset of lifecycle BOMs generated with cdxgen and blint (different techniques) for a range of projects, which could be used for developing and testing this feature.
I hope you would consider adding this capability to your roadmap.
Existing issues
DependencyTrack/dependency-track#130
DependencyTrack/dependency-track#2889