Spring Tips: Software Bills of Material in Spring Boot 3.3
- Added on 10. 06. 2024
- hi, Spring fans! In this installment we look at the exciting new support for SBOMs - or software bills of materials - in Spring Boot 3.3!
#sboms #springboot #java #springframework #kotlin #security #softwaresecurity - Science and technology
Nice. I've been meaning to look into this kind of thing, because as you say, it's a missing piece - it's easy to find out what's in the current source tree, but not so easy to figure out what's in some binary package that was built a few years ago (or which you didn't build in the first place).
Log4Shell is the perfect illustration of the problem... when that hit, we spent *days* trying to figure out how many places might be impacted, both in our own code and in the various development tools.
I see Josh, I press like, amazing as always
Nice feature.