Overview
Explore the intricacies of building, signing, and distributing SPDX Software Bill of Materials (SBOMs) as an Artifact Reference Type in this 29-minute conference talk presented by Steve Lasker from Microsoft and Justin Cormack from Docker at a Linux Foundation event. Delve into the Supply Chain Artifact Types, challenges, and the role of registries and reference types in the software supply chain. Gain insights on Artifact Reference Type principals, various reference types, and the process of artifact copying. Learn about OCI Artifact Reference Types and their significance in modern software development and distribution practices.
Syllabus
SUPPLY CHAIN TOWN HALL
CHAIN What are the Supply Chain Artifact Types
CHAIN Supply Chain Artifact Challenges
CHAIN Registries & Reference Types
CHAIN Artifact: Reference Type Principals
CHAIN Artifact: Reference Types
CHAIN Artifact Copying
CHAIN OCI Artifact Reference Types TOWN HALL
Taught by
Linux Foundation