stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

license switch agpl -> busl1, sprints work, new product advisories

Browse Source
This commit is contained in:
master
2026-01-20 15:32:20 +02:00
parent 4903395618
commit c32fff8f86
1835 changed files with 38630 additions and 4359 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/sboms/DETERMINISM.md
View File

@@ -93,7 +93,7 @@ This ensures component order doesn't affect the canonical hash.
```json
{
"bomFormat": "CycloneDX",
"specVersion": "1.6",
"specVersion": "1.7",
"serialNumber": "urn:sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
}
```
@@ -355,7 +355,7 @@ stella sbom verify input.json --canonical --output output.json
## References
- [RFC 8785: JSON Canonicalization Scheme](https://tools.ietf.org/html/rfc8785)
- [CycloneDX 1.6 Specification](https://cyclonedx.org/docs/1.6/json/)
- [CycloneDX 1.7 Specification](https://cyclonedx.org/docs/1.7/json/)
- [SPDX 2.3 Specification](https://spdx.github.io/spdx-spec/v2.3/)
- `docs/modules/scanner/signed-sbom-archive-spec.md` - Archive format
- `docs/modules/scanner/deterministic-sbom-compose.md` - Composition rules