[GODRIVER-3109] Create list of third party dependencies and versions for Go Driver Created: 26/Jan/24 Updated: 02/Feb/24 |
|
| Status: | Waiting for Reporter |
| Project: | Go Driver |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Unknown |
| Reporter: | Ryan Timmons | Assignee: | Steve Silvester |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | ssdlc | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Epic Link: | GODRIVER-3052 |
| Quarter: | FY25Q1 |
| Assigned Teams: |
Go Drivers
|
| Documentation Changes Summary: | 1. What would you like to communicate to the user about this feature? |
| Description |
|
As a part of the SSDLC initiative, we are asking shipped products to declare the current state of their dependencies as we build out more automation. Please see further instructions on the spreadsheet located at go/sbom-prep-sheet. Please reach out to #rnd-vulnerability-management with any questions. This ticket can be resolved once the spreadsheet is populated for your teams’ products. |
| Comments |
| Comment by Steve Silvester [ 01/Feb/24 ] | ||
|
I updated the sheet | ||
| Comment by Steve Silvester [ 01/Feb/24 ] | ||
|
Better option:
| ||
| Comment by Ryan Timmons [ 31/Jan/24 ] | ||
|
Thanks, Steve. Please see this thread on slack for relevant commentary on the github sbom feature: | ||
| Comment by Steve Silvester [ 30/Jan/24 ] | ||
|
https://github.com/mongodb/mongo-go-driver/network/dependencies has the option to export an SBOM. |