Hi, Spring fans! In this installment we look at the exciting new support for SBOMs - or software bills of materials - in Spring Boot 3.3! #sboms #springboot #java #springframework #kotlin #security #softwaresecurity
Comments: 3
@simongeard4824, a month ago
Nice. I've been meaning to look into this kind of thing, because as you say, it's a missing piece - it's easy to find out what's in the current source tree, but not so easy to figure out what's in some binary package that was built a few years ago (or which you didn't build in the first place). Log4Shell is the perfect illustration of the problem... when that hit, we spent *days* trying to figure out how many places might be impacted, both in our own code and in the various development tools.