Generating an SBOM
Once you have enabled the GitHub Dependency Graph for SBOM Insights you will be ready to generate SBOMs directly in Codefortify. To generate an SBOM:
Select the Projects page
Select the Project that contains the repo you are generating an SBOM for
Select the name of the repo
Select "Download" to generate an SBOM, if you are unsure of the last time that repository was cached, click the "refresh" button prior to downloading
Currently all SBOMs are generated in SPDX format with plans to add Syft in a future release
PreviousEnable the GitHub Dependency Graph for SBOM InsightsNextReviewing and Resolving a Vulnerability
Last updated