Register a CycloneDX property namespace #58
Comments
|
I haven't published my FOD tool yet but this is what the properties would look like: {
"type": "library",
"bom-ref": "npeg",
"name": "npeg",
"purl": "pkg:github/zevv/[email protected]",
"version": "1.2.1",
"properties": [
{
"name": "nix:fod:method",
"value": "fetchzip"
},
{
"name": "nix:fod:path",
"value": "/nix/store/xpn694ibgipj8xak3j4bky6b3k0vp7hh-source"
},
{
"name": "nix:fod:ref",
"value": "1.2.2"
},
{
"name": "nix:fod:rev",
"value": "ec0cc6e64ea4c62d2aa382b176a4838474238f8d"
},
{
"name": "nix:fod:sha256",
"value": "1fi9ls3xl20bmv1ikillxywl96i9al6zmmxrbffx448gbrxs86kg"
},
{
"name": "nix:fod:url",
"value": "https://github.com/zevv/npeg/archive/ec0cc6e64ea4c62d2aa382b176a4838474238f8d.tar.gz"
}
]
} |
|
Hej! Thanks for opening this issue! This is definitely something we should do. About other users, I'll ask internally and look a bit into it on Monday! |
|
I started a discourse thread: https://discourse.nixos.org/c/dev/rfc-steering-committee/ |
Yes! I saw. Thank you, that's a much better place to have this discussion! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The
nixnamespace isn't registered at cyclonedx-property-taxonomy.Before we do that, we may want to define a taxonomy for our namespace.
I see that Genealogos is using
nix:narinfofor packages that have been built and I would like to usenix:fodfor "components" that can be built with a fixed-output-derivation.Are there other people or projects interested in using a
nixnamespace within CycloneDX?The text was updated successfully, but these errors were encountered: