Software Bill of Materials
Joseph Reynolds
jrey at linux.ibm.com
Sat Mar 19 09:15:35 AEDT 2022
On 3/17/22 5:20 PM, Patrick Williams wrote:
> On Thu, Mar 17, 2022 at 04:26:08PM +0000, Richard Hughes wrote:
>> Hi all,
> Hello Richard,
>
> Thanks for pointing this topic out to us. I'm not sure we've done a lot of
> thinking on it and there appears to be a good amount to digest.
...snip...
> I'm not really sure where to go from here. It seems like, since we've built
> everything on top of Yocto, having someone go write a bbclass that creates
> whatever coSWID data you want from existing information the bitbake recipes
> already have would be the start.
I asked Yocto a while back. They referred me to the license.bbclass.
You can configure it to produce a list of recipes used, along with
version and license.
I also use the archiver.bbclass to get the source code needed for
license compliance and for source code scans.
-Joseph
More information about the openbmc
mailing list