initial version of the sbom.yml file

This is an initial version of the sbom.yml file for Espressif's mbedtls.
It's used by the esp-idf-sbom[1] tool to generate an SBOM file in the SPDX
format for esp-idf projects.

[1] - https://github.com/espressif/esp-idf-sbom

Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>

fix(sbom): add note about Espressif modifications

Since our mbedtls code is not a pure upstream version, let's add a note
about this in the SBOM manifest description, which will be included in
the generated SPDX file. We used the same approach e.g. for freertos.

Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
This commit is contained in:
Frantisek Hrbata
2023-06-19 16:21:49 +02:00
committed by Mahavir Jain
parent 05c183eb55
commit 17eee1136d
@@ -0,0 +1,5 @@
version: 3.6.2
cpe: cpe:2.3:a:arm:mbed_tls:{}:*:*:*:*:*:*:*
supplier: 'Organization: Espressif Systems (Shanghai) CO LTD'
originator: 'Organization: Trusted Firmware <mbed-tls-security@lists.trustedfirmware.org>'
description: An open source, portable, easy to use, readable and flexible SSL library with additional features and patches from Espressif.
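Review bot: the hard-coded `version: 3.6.2` on the first line has to be bumped by hand on every mbedtls update, and the `{}` placeholder in the `cpe` line is presumably filled from it, so a stale value would make CPE-based vulnerability matching target the wrong upstream release. Consider adding a comment in the file, or a CI check, that ties this field to the library version actually shipped. Separately, the `description` says the code carries Espressif features and patches while the `cpe` names upstream `arm:mbed_tls`; scanner results against that CPE will not reflect locally applied fixes or changes, which is worth stating next to the `cpe` line so consumers of the SPDX file triage findings accordingly.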