CycloneDX SBOM in release pipelines on all 4 lanes

## What it is

cyclonedx-bom integration in the Mac / Win / Linux / NixOS release pipelines. The SBOM is published as a release artifact, and the attestation is signed.

## Why

An SBOM is a compliance requirement for enterprise. Without it, the door to B2B customers is closed. With CycloneDX in every lane, the checkbox is ticked.

## Sources of inspiration

- [linear/linear-release](https://github.com/linear/linear-release): SBOM patterns
- [moby/profiles](https://github.com/moby/profiles): supply chain attestation

## 🔗 Linear

- [PZD-266](https://linear.app/kuhjie/issue/PZD-266) (match confidence: 0.989)

Status: In Review

Board: ♾️ Bugs, Fixes, Improvements

Date: About 19 hours ago

Author: agi
