Episode 410 - Package identifiers are really hard

Open Source Security Podcast - En podcast af Josh Bressers & Kurt Seifried - Mandage

Prøv Podimo gratis i 30 dage

Prøv Podimo gratis i 30 dage

Et univers fyldt med hundredvis af eksklusive podcasts & lydbøger, klik her for at prøve

 Annoncering

Kategorier:

Teknologi

Josh and Kurt talk about package identifiers. We break this down in the context of an OpenSSF response to a CISA paper on software identifications. The identifiers that get all the air time are purl, CPE, SWID, and OmniBOR. This is a surprisingly complex problem space. It feels easy, but it's not. Show Notes OpenSSF CISA response purl CPE OmniBOR SWID

Visit the podcast's native language site