SBOM To generate an SBOM for a container image: syft<image> The above output includes only software that is visible in the container (i.e., the squashed representation of the image). To include software from all image layers in the SBOM, regardless of its presence in the final image, pro...
GitHub Action for SBOM Generation A GitHub Action for creating a software bill of materials (SBOM) using Syft. Basic Usage - uses: anchore/sbom-action@v0 By default, this action will execute a Syft scan in the workspace directory and upload a workflow artifact SBOM in SPDX format. It will...