Could lockfiles just be SBOMs?


Lockfiles and SBOMs record the same information in different formats. What if package managers used SBOMs directly, instead of converting later?

Related news:

Gh-actions-lockfile: generate and verify lockfiles for GitHub Actions

We shouldn't have needed lockfiles