fugue / regula

Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego

Home Page: https://regula.dev/


[ENHANCEMENT] Generating report in CYCLONEDX or SPDX

rsareth opened this issue · comments

Hello,

It is related to #284. There is an Executive Order from your President Biden about securing the supply chain. Since the hack of SolarWinds, generating a Software Bill of Materials seems to be very important in your country. In Europe, I didn't see anything related to an SBOM. I might be missing something in the EU. But I think it would be an important topic in the EU.

The OpenSSF (related to the Linux Foundation) even has a dedicated page explaining it: https://openssf.org/blog/2021/05/14/how-lf-communities-enable-security-measures-required-by-the-us-executive-order-on-cybersecurity/

Do you plan to generate reports in CycloneDX and SPDX?

Another site describing those standards: https://www.settletop.com/insights/understanding-sbom-standards-cyclonedx-spdx-swid

Thank you.

Regards,
Rasmey