Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Done
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Story Points:
2
Sprint:
TAR 2024-05-27
Assigned Teams:

Tools and Replicator
Epic Link:
REP-3553
Days Spent:
2
Documentation Changes:
Not Needed

Problem

See the project design for details.

Solution & Acceptance Criteria

Add a build.go target to generate the SBOM Lite using the silkbomb tool. See https://docs.devprod.prod.corp.mongodb.com/mms/python/src/sbom/silkbomb/ for details.
Remove the THIRD-PARTY-NOTICES file and code to generate it.
Update the existing check third-party notices CI task to instead check that the SBOM Lite file is up to date. Rename this task to something appropriate.

is depended on by

TOOLS-3537 Create the SSDLC report template

Closed

TOOLS-3538 Update our release documentation with new SSDLC-related stuff

Closed

TOOLS-3550 Create augmented SBOM file and add it to the release artifacts

Closed

links to

Pull Request (mongodb/mongo-tools master)

Assignee:: Dave Rolsky

Reporter:: Dave Rolsky

Reviewers:: Evgeni Dobranov, Huan Li (Inactive), Johnny DuBois

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: May 07 2024 02:31:31 PM UTC

Updated:: May 31 2024 03:15:21 AM UTC

Resolved:: May 28 2024 02:40:16 AM UTC