Below you will find pages that utilize the taxonomy term “sbom-tool”
March 21, 2026
sbom-tools-action
Version updated for https://github.com/sbom-tool/sbom-tools-action to version v1.3.0.
This action is used across all versions by ? repositories.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The sbom-tools GitHub Action integrates the sbom-tools utility into GitHub workflows to automate Software Bill of Materials (SBOM) management tasks, such as semantic diffing, validation, quality scoring, enrichment, vulnerability analysis, and license compliance checks. It simplifies SBOM handling by providing pre-built, verified binaries and supports advanced features like provenance verification via Sigstore/SLSA.
March 21, 2026
sbom-tools-action
Version updated for https://github.com/sbom-tool/sbom-tools-action to version v1.2.0.
This action is used across all versions by ? repositories.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The sbom-tools GitHub Action integrates sbom-tools into GitHub workflows to automate tasks such as SBOM (Software Bill of Materials) diffing, validation, quality scoring, enrichment, verification, and license checking. It simplifies the process of ensuring software supply chain security by providing capabilities like vulnerability detection, compliance checks, and provenance verification.
March 18, 2026
sbom-tools-action
Version updated for https://github.com/sbom-tool/sbom-tools-action to version v1.1.0.
This action is used across all versions by ? repositories.
Action Type
This is a Composite action.
Go to the GitHub Marketplace to find the latest changes.
Action Summary
The sbom-tools GitHub Action enables automated software bill of materials (SBOM) management tasks, such as semantic diffing, validation, quality scoring, enrichment with vulnerability data, license compliance checks, and more. It streamlines compliance and security workflows by ensuring SBOM accuracy, detecting changes or vulnerabilities, and verifying artifacts using cryptographic methods like Sigstore and SLSA.