From ec9cd8bfdca3169e2916da5223b2da0ca7da9fd4 Mon Sep 17 00:00:00 2001 From: Natalia Luzuriaga Date: Thu, 1 Aug 2024 11:52:37 -0400 Subject: [PATCH] Update README.md to include SBOM excerpt --- README.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 5ade463bfb..9599e948b7 100644 --- a/README.md +++ b/README.md @@ -146,8 +146,16 @@ the American public, but you are also welcome to submit anonymously. For more information about our Security, Vulnerability, and Responsible Disclosure Policies, see [SECURITY.md](SECURITY.md). +### Software Bill of Materials (SBOM) + +A Software Bill of Materials (SBOM) is a formal record containing the details and supply chain relationships of various components used in building software. + +In the spirit of [Executive Order 14028 - Improving the Nation’s Cyber Security](https://www.gsa.gov/technology/it-contract-vehicles-and-purchasing-programs/information-technology-category/it-security/executive-order-14028), a SBOM for this repository is provided here: https://github.com/DSACMS/metrics/network/dependencies. + +For more information and resources about SBOMs, visit: https://www.cisa.gov/sbom. + ## Public domain This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the [CC0 1.0 Universal public domain dedication](https://creativecommons.org/publicdomain/zero/1.0/) as indicated in [LICENSE](LICENSE). -All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest. \ No newline at end of file +All contributions to this project will be released under the CC0 dedication. By submitting a pull request or issue, you are agreeing to comply with this waiver of copyright interest.
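Review bot: The added SBOM paragraph says "a SBOM for this repository is provided here" but links to `https://github.com/DSACMS/metrics/network/dependencies`, which is GitHub's dependency graph view rather than an SBOM document. A reader who needs a machine-readable file (for example, SPDX) has to export it from that page. Suggest wording such as "an SBOM for this repository can be exported from the dependency graph", or commit or publish the exported file and link to it, so the README does not present a rendered view as the formal record that the preceding sentence defines. Also confirm that the hard-coded `DSACMS/metrics` path matches the repository this README belongs to, since the text says "this repository". Two smaller points in the same paragraph: the article should be "an SBOM", and the order's title is "Improving the Nation's Cybersecurity" (one word), while the link text reads "Cyber Security" and points to a GSA page rather than the order itself. The trailing-newline fix on the last line of the file looks fine.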