anshumg commented on PR #1203:
URL: https://github.com/apache/solr/pull/1203#issuecomment-2149114633
Thanks @HoustonPutman . I think this would be a good first step considering
we've been stuck with this for a while.
--
This is an automated message from the Apache Git Service.
To respond
HoustonPutman commented on PR #1203:
URL: https://github.com/apache/solr/pull/1203#issuecomment-2148364812
Ok, so I've changed this to create and SBOM for each of our maven artifacts,
and they are included in what will be uploaded to maven central.
So far there is no solr-wide sbom (f
janhoy commented on PR #1203:
URL: https://github.com/apache/solr/pull/1203#issuecomment-2083639846
I'm positive to including this as a first step and then proceeding with
publishing SBOM as a release artifact as proposed.
--
This is an automated message from the Apache Git Service.
To re
github-actions[bot] commented on PR #1203:
URL: https://github.com/apache/solr/pull/1203#issuecomment-2030817225
This PR had no visible activity in the past 60 days, labeling it as stale.
Any new activity will remove the stale label. To attract more reviewers, please
tag someone or notify t
ErnestoLeon87 commented on code in PR #1203:
URL: https://github.com/apache/solr/pull/1203#discussion_r1474943561
##
gradle/validation/cyclonedx-bom.gradle:
##
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agr
dsmiley commented on code in PR #1203:
URL: https://github.com/apache/solr/pull/1203#discussion_r1456564684
##
gradle/validation/cyclonedx-bom.gradle:
##
@@ -0,0 +1,41 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreement
raboof commented on PR #1203:
URL: https://github.com/apache/solr/pull/1203#issuecomment-1892358239
> We should create a JIRA for this btw.
Created https://issues.apache.org/jira/browse/SOLR-16796
There's probably more to improve from here, such as:
* Generating SBOMs 'per ar
