Spring Tips: Software Bills of Material in Spring Boot 3.3
- Published on 28 Sep 2024
- Hi, Spring fans! In this installment we look at the exciting new support for SBOMs - or software bills of materials - in Spring Boot 3.3!
#sboms #springboot #java #springframework #kotlin #security #softwaresecurity
I see Josh, I press like, amazing as always
Nice. I've been meaning to look into this kind of thing, because as you say, it's a missing piece - it's easy to find out what's in the current source tree, but not so easy to figure out what's in some binary package that was built a few years ago (or which you didn't build in the first place).
Log4Shell is the perfect illustration of the problem... when that hit, we spent *days* trying to figure out how many places might be impacted, both in our own code and in the various development tools.
Nice feature.