-
Type: Task
-
Resolution: Done
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: None
-
None
-
2
-
TAR 2024-05-27
-
Tools and Replicator
-
2
-
Not Needed
Problem
See the project design for details.
Solution & Acceptance Criteria
- Add a build.go target to generate the SBOM Lite using the silkbomb tool. See https://docs.devprod.prod.corp.mongodb.com/mms/python/src/sbom/silkbomb/ for details.
- Remove the THIRD-PARTY-NOTICES file and code to generate it.
- Update the existing check third-party notices CI task to instead check that the SBOM Lite file is up to date. Rename this task to something appropriate.
- is depended on by
-
TOOLS-3537 Create the SSDLC report template
- Closed
-
TOOLS-3538 Update our release documentation with new SSDLC-related stuff
- Closed
-
TOOLS-3550 Create augmented SBOM file and add it to the release artifacts
- Closed
- links to