They could call it an SBOM... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		rrdharan on June 24, 2023 \| parent \| context \| favorite \| on: Millions of GitHub repos likely vulnerable to Repo... They could call it an SBOM...

codetrotter on June 24, 2023 [–]

I think tedunangst is referring to https://man.openbsd.org/signify.1

tedunangst on June 24, 2023 | [–]

Even simpler than that, something like bsd ports distfiles checksums, or go.sum, or whatever. If you depend on something, you should know what that something is, and you should have some measure of it in your code/project.

throwaway892238 on June 24, 2023 | | [–]

Like a SBOM

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact