OWASP/Software-Component-Verification-Standard
Software Component Verification Standard (SCVS)
PythonCC-BY-SA-4.0
Issues
- 1
- 1
PDF links
#37 opened by DaveJarvis - 2
Translate to Japanese
#33 opened by kannkyo - 0
Create BOM Maturity Model in JSON
#36 opened by stevespringett - 0
- 0
Create BOM Maturity Model Taxonomy
#34 opened by stevespringett - 11
lvl 2 and lvl 3 is impossible due to requiring both reproducability and non-reproducability of SBOMs
#31 opened by 06kellyjac - 0
Wrong link to OSSC publication
#29 opened by scovetta - 2
Request for a bit more explanation
#9 opened by commjoen - 0
Control Mapping
#28 opened by stevespringett - 1
David A. Wheeler's comments
#21 opened by david-a-wheeler - 2
2.4-SCVS-BOM-04 - Should this be applicable to Level 2 as the tools aren't readily available.
#6 opened by pruddll - 0
Add chain-of-custody for source code
#4 opened by stevespringett - 0
- 0
Investigate additional resources
#10 opened by stevespringett - 0
Clarify "Devise a path to baseline and mature software supply chain vigilance"
#14 opened by garretfick - 0
- 2
- 0
Change "impact costs" to "manage costs"
#11 opened by garretfick - 3
SCVS-INV-03 may way to specify machine readable (or add additional requirement)
#2 opened by garretfick - 3
- 0
Preface: Bulleted list
#3 opened by stevespringett - 0
SCVS-BOM-17 Descriptor
#7 opened by msymons