You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Singularity users package their containers in SIF, and are increasingly interested in supply chain security. It'd be nice if they could use syft to generate SBOMs.
Additional context:
Sylabs has done some initial research on integrating SIF and Syft, and we'd be happy to open pull request(s) with that initial work if there's support for this feature being added to syft.
I think the main question was around where to add functionality between syft and stereoscope repos. @Poluect, could you PR your code as a starting point to get the discussion started?
What would you like to be added:
Support for generating an SBOMs from containers packaged in the Singularity Image Format (SIF) :
Why is this needed:
Singularity users package their containers in SIF, and are increasingly interested in supply chain security. It'd be nice if they could use
syft
to generate SBOMs.Additional context:
Sylabs has done some initial research on integrating SIF and Syft, and we'd be happy to open pull request(s) with that initial work if there's support for this feature being added to
syft
.Related: sylabs/sif#190
The text was updated successfully, but these errors were encountered: