The #Nixpkgs manual now defines a standard for declaring #Nix store objects in a CycloneDX #SBOM.
https://nixos.org/manual/nixpkgs/unstable/#chap-interop-cyclonedx
This is not only a standard for describing Nix packages in a way that is semantically interoperable with CycloneDX, but also a standard for building packages from SBOMs using embedded fixed-output-derivations.
emery /
npub1vx…p0wf5
2024-08-08 11:19:47
Author Public Key
npub1vxzyvdmv2r5dsyv8cvtauvgudg5hvtmfephlm0rqs9s3c46n6y7qyp0wf5Published at
2024-08-08 11:19:47Event JSON
{
"id": "4104ca44b656fa3b263107a6715466d3445f92a393824db5fce0da008aa06a7a",
"pubkey": "618446376c50e8d81187c317de311c6a29762f69c86ffdbc6081611c5753d13c",
"created_at": 1723115987,
"kind": 1,
"tags": [
[
"t",
"nixpkgs"
],
[
"t",
"nix"
],
[
"t",
"sbom"
],
[
"proxy",
"https://hj.9fs.net/emery/p/1723115987.103399",
"activitypub"
]
],
"content": "The #Nixpkgs manual now defines a standard for declaring #Nix store objects in a CycloneDX #SBOM.\nhttps://nixos.org/manual/nixpkgs/unstable/#chap-interop-cyclonedx\n\nThis is not only a standard for describing Nix packages in a way that is semantically interoperable with CycloneDX, but also a standard for building packages from SBOMs using embedded fixed-output-derivations.\n",
"sig": "894a7c2536e6cb87e471f1af3c769f10cae56972067c20bf0a19a950ca537500362fdd6cab6458a9bed804a2d5442353874cad73218790ba1c68f6f966f4395f"
}