| CARVIEW |
Select Language
HTTP/2 200
date: Sun, 28 Dec 2025 15:28:37 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With
etag: W/"d6f99ebaaf373f640df700eb65ae6563"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com github.githubassets.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com wss://alive-staging.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com marketplace-screenshots.githubusercontent.com/ copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com github.githubassets.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
set-cookie: _gh_sess=M706gwLyvFfpwdb8gEjtWLdwQ75yCTYrbk8HeOvR5N73i2jZL8BMr24ot4Jfehb%2BKvZYZYxTrafuHXbUiKIDJvgs%2FrnDtz%2B%2BlE6ZYqhypZ%2Fkh8JqT1uyih1q7xn7T05prw%2BZ1PxZ%2BSApNpmtSWPK0DIhyk2vg4sM2AaJtdgxhiuqcmBdPSk3KUC6ka74fl5lHD2lur2ecV%2BZVz5FfWWRwnqFfuPIurbRK92g367%2Fim%2FQ19Mxusvo%2FLu59sznv%2FWBUtD90gcaYfEVekSnqseZpQ%3D%3D--snFgOK7T1nUTb8Hf--%2BzKVb71N%2BV%2BYs7H6SeT8lg%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.256605602.1766935716; Path=/; Domain=github.com; Expires=Mon, 28 Dec 2026 15:28:36 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Mon, 28 Dec 2026 15:28:36 GMT; HttpOnly; Secure; SameSite=Lax
x-github-request-id: 92CA:272FBA:5152EC9:624F795:69514CA4
Releases · bomctl/bomctl · GitHub
02 May 15:48
idunbarh
Ian Dunbar-Hall
08 Jan 16:56
Loading
16 Sep 15:56
Loading
09 Sep 22:56
idunbarh
Ian Dunbar-Hall
Loading
19 Aug 21:25
idunbarh
Ian Dunbar-Hall
Loading
07 Aug 21:38
Loading
27 Jun 16:43
Loading
26 Jun 22:54
Loading
29 May 16:57
Loading
30 Apr 17:01
Loading
Skip to content
Navigation Menu
{{ message }}
-
Notifications
You must be signed in to change notification settings - Fork 19
Releases: bomctl/bomctl
Releases · bomctl/bomctl
v0.4.3
v0.4.3
This tag was signed with the committer’s verified signature.
idunbarh
Ian Dunbar-Hall
SSH Key Fingerprint: IR5ELos+NqvCJeugTfIoVdqYhuiXVfaSui3L8528OKw
Verified
Learn about vigilant mode.
1ef4106
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Contributors
ashearin and lmphil
Assets 41
- 2.39 KB
2025-05-02T15:39:27Z - 3.06 KB
2025-05-02T15:39:27Z - 96 Bytes
2025-05-02T15:39:27Z - 13 MB
2025-05-02T15:39:24Z - 132 KB
2025-05-02T15:39:26Z - 186 KB
2025-05-02T15:39:26Z - 12.3 MB
2025-05-02T15:39:23Z - 132 KB
2025-05-02T15:39:26Z - 186 KB
2025-05-02T15:39:26Z - 13.3 MB
2025-05-02T15:39:24Z -
2025-05-02T15:31:00Z -
2025-05-02T15:31:00Z - Loading
v0.4.2
v0.4.2
This tag was signed with the committer’s verified signature.
8f9dd13
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Changelog
🆕 New features
- feat: Output Sboms without Modification (#210) (@ashearin)
- feat: SBOM Aliases (#129) (@lmphil)
- feat: SBOM linking (#223) (@jhoward-lm)
- feat: add base document db annotation, WithSourceDocumentAnnotations and WithRevisedDocumentAnnotations functions (#211) (@ashearin)
- feat: add latest document annotation (#230) (@ashearin)
- feat: add link command stubs (#222) (@jhoward-lm)
- feat: bomctl push subcommand OCI client functionality (#139) (@jhoward-lm)
- feat: document annotations for source data, hash, format, and URL (#153) (@jhoward-lm)
- feat: github client fetch support (#209) (@lallevato-lm)
- feat: gitlab fetch (#229) (@lmphil)
- feat: implement autocomplete (#238) (@lallevato-lm)
🐞 Bug fixes
- fix: Fix typo in MAINTAINERS (#180) (@evankanderson)
- fix: Print DocID for list cmd. Dynamic id/alias column width (#165) (@ashearin)
- fix: add cyclonedx 1.6 support (#188) (@ashearin)
- fix: update compare_docs function (#202) (@ashearin)
📘 Documentation
- docs: ADR-0006 sbom merge (#111) (@pkwiatkowski1)
- docs: ADR-0007 sbom diff (#112) (@mfrystacky)
- docs: ADR-0008 storage and retrieval without modification (#194) (@ashearin)
- docs: ADR-0009 SBOM Linking (#164) (@lmphil)
- docs: Roadmap Updates (#161) (@idunbarh)
- docs: add ADR for auth types and encrypted secrets (#104) (@jhoward-lm)
📝 Other changes
- refactor: add Unpack function, rename to match package (#239) (@jhoward-lm)
- refactor: add choiceValue type for static sets of flag options (#240) (@jhoward-lm)
- refactor: add sliceutils helper package for dev convenience (#163) (@jhoward-lm)
- refactor: break out Fetcher and Pusher from Client interface, add PrepareFetch method (#245) (@jhoward-lm)
- refactor: internal option to force list output if desired (#241) (@jhoward-lm)
- refactor: stage all externally referenced SBOMs before push (#155) (@jhoward-lm)
- test: add cmd format/encoding unit tests, update e2e tests (#185) (@ashearin)
- test: add unit tests for alias/tags DB functions (#174) (@lmphil)
- test: client fetch unit tests (#205) (@jhoward-lm)
- test: integration testing of functionality (#169) (@ashearin)
Contributors
evankanderson, ashearin, and 6 other contributors
Assets 41
1 person reacted
v0.4.1
v0.4.1
This tag was signed with the committer’s verified signature.
SSH Key Fingerprint: CXCz4cLd3Xg+bIjh5E0yWNFJZWK8JepxGGt0iHI/cU0
Verified
Learn about vigilant mode.
9eadeed
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Changelog
🐞 Bug fixes
- fix: license headers incorrectly interpreted as package documentation (#157) (@jhoward-lm)
Contributors
jhoward-lm
Assets 41
v0.4.0
v0.4.0
This tag was signed with the committer’s verified signature.
idunbarh
Ian Dunbar-Hall
SSH Key Fingerprint: IR5ELos+NqvCJeugTfIoVdqYhuiXVfaSui3L8528OKw
Verified
Learn about vigilant mode.
cb51893
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Changelog
🆕 New features
- feat: add merge command (#143) (@pkwiatkowski1)
- feat: bomctl push subcommand git client functionality (#127) (@ashearin)
🐞 Bug fixes
📘 Documentation
- docs: add Bomctl Charter document to document project organization (#146) (@idunbarh)
- docs: document sandbox status & improve docs (#140) (@idunbarh)
📝 Other changes
- refactor: dynamic prefix for subcommand loggers (#138) (@jhoward-lm)
- refactor: one-time backend setup in rootCmd.PersistentPreRun (#137) (@jhoward-lm)
Contributors
ashearin, idunbarh, and 2 other contributors
Assets 41
v0.3.1
v0.3.1
This tag was signed with the committer’s verified signature.
idunbarh
Ian Dunbar-Hall
SSH Key Fingerprint: Tc8kReLV6zVDkLNxHfanYIrilYf9gNSnyBhYDXYfkN4
Verified
Learn about vigilant mode.
4f396cb
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Contributors
ashearin, idunbarh, and jhoward-lm
Assets 41
v0.3.0
v0.3.0
This tag was signed with the committer’s verified signature.
SSH Key Fingerprint: CXCz4cLd3Xg+bIjh5E0yWNFJZWK8JepxGGt0iHI/cU0
Verified
Learn about vigilant mode.
381c9bf
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Changelog
🆕 New features
- feat: import command (#113) (@jhoward-lm)
📘 Documentation
- docs: ADR-0002: import subcommand (#102) (@jhoward-lm)
- docs: ADR-0003: customization of list output (#103) (@jhoward-lm)
- docs: ADR-0005: SBOM document aliases/tags (#105) (@jhoward-lm)
📝 Other changes
- refactor: export command supported formats (#118) (@jhoward-lm)
Contributors
jhoward-lm
Assets 41
v0.2.1
v0.2.1
This tag was signed with the committer’s verified signature.
SSH Key Fingerprint: CXCz4cLd3Xg+bIjh5E0yWNFJZWK8JepxGGt0iHI/cU0
Verified
Learn about vigilant mode.
4e558e5
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Contributors
jhoward-lm
Assets 41
v0.2.0
v0.2.0
This tag was signed with the committer’s verified signature.
SSH Key Fingerprint: CXCz4cLd3Xg+bIjh5E0yWNFJZWK8JepxGGt0iHI/cU0
Verified
Learn about vigilant mode.
dea188f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Changelog
🆕 New features
- feat: Export command - Export SBOM from storage (#75) (@houdini91)
- feat: list command (#82) (@jhoward-lm)
📘 Documentation
- docs: add architecture decision record template and VSCode snippet (#83) (@jhoward-lm)
📝 Other changes
- refactor: pass file arguments as stream readers/writers instead of strings (#76) (@jhoward-lm)
- refactor: remove globals, use functional options pattern (#77) (@jhoward-lm)
- refactor: update to use Protobom Ent backend (#73) (@jhoward-lm)
Contributors
houdini91 and jhoward-lm
Assets 41
v0.1.9
v0.1.9
This tag was signed with the committer’s verified signature.
SSH Key Fingerprint: CXCz4cLd3Xg+bIjh5E0yWNFJZWK8JepxGGt0iHI/cU0
Verified
Learn about vigilant mode.
dd5540b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Contributors
idunbarh and jhoward-lm
Assets 41
v0.1.8
v0.1.8
This tag was signed with the committer’s verified signature.
SSH Key Fingerprint: CXCz4cLd3Xg+bIjh5E0yWNFJZWK8JepxGGt0iHI/cU0
Verified
Learn about vigilant mode.
10e558a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
Contributors
jhoward-lm
Assets 41
Previous Next
You can’t perform that action at this time.