Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Building, Signing, and Distributing SPDX SBOMs as Artifact Reference Type

Linux Foundation via YouTube

Overview

Explore the intricacies of building, signing, and distributing SPDX Software Bill of Materials (SBOMs) as an Artifact Reference Type in this 29-minute conference talk presented by Steve Lasker from Microsoft and Justin Cormack from Docker at a Linux Foundation event. Delve into the Supply Chain Artifact Types, challenges, and the role of registries and reference types in the software supply chain. Gain insights on Artifact Reference Type principals, various reference types, and the process of artifact copying. Learn about OCI Artifact Reference Types and their significance in modern software development and distribution practices.

Syllabus

SUPPLY CHAIN TOWN HALL
CHAIN What are the Supply Chain Artifact Types
CHAIN Supply Chain Artifact Challenges
CHAIN Registries & Reference Types
CHAIN Artifact: Reference Type Principals
CHAIN Artifact: Reference Types
CHAIN Artifact Copying
CHAIN OCI Artifact Reference Types TOWN HALL

Taught by

Linux Foundation

Reviews

Start your review of Building, Signing, and Distributing SPDX SBOMs as Artifact Reference Type

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.