SBOM Report for Infor( GRC product) #7309
Labels
Comments
That's your job. You can look at the pom.xml files for the dependency versions of each project. We're not going to spend time doing your job for you.
We certainly don't require them. You require them. Please generate them yourself. |
|
GitHub generates it fwiw |
|
Interesting. Thanks @ben-manes. There's even an Export SBOM button. @AdityaBhinge does that produce what you need? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
Aditya here from the Infor GRC automation team. We have been using these packages for our product, GRC (Governance Risk and Compliance), for a while now. Infor GRC has been generating SBOM reports for vulnerability scanning. Recently, we have been asked to obtain SBOM reports from third-party resources we have been using. Therefore, I request you to provide me with the SBOM reports for the packages mentioned below, along with their versions. The reports are required for these versions only and in CycloneDX JSON format.
guava - 32.1.1-jre
failureaccess - 1.0.1
j2objc-annotations -2.8
proto-google-common-protos -2.7.4
protobuf-java -3.21.12
jimfs -jimfs
The text was updated successfully, but these errors were encountered: