The project repo contains some additional command line recipes to show you how you can use this project. Well worth checking those out.
Finally, the doc provides some details as to the criteria evaluated and what they mean.
Conclusion
In this short blog post, I looked at a new open source tool that aims to assess the quality of a software bill of materials (SBOM). I can see how this might be useful as part of a broader solution, and it should help move SBOMs from being a static asset to something more actionable. As I mentioned in the post, this is an early project (0.2 version), so I will keep an eye on this tool, and I encourage you all to try it out and provide feedback to the maintainers.
I would love to hear more from readers about what your biggest pain points and frustrations are when you work with open source. Please complete this very short survey, as it would help me massively. (All responses are anonymous.)
You can check out and explore the sbomqs tool here.