Skip to content

SBOM generation support for .NET Applications #46272

New issue
New issue
Open
0 of 5 issues completed
Open
SBOM generation support for .NET Applications#46272
0 of 5 issues completed
Labels
Area-NetSDKArea-SBOMEpicGroups multiple user stories. Can be grouped under a theme.
Milestone
 
10.0.1xx
@baronfel

Description

@baronfel
baronfel
opened on Jan 24, 2025

Is your feature request related to a problem? Please describe.

.NET Developers should be able to have an integrated, robust SBOM generation capability in the toolchain, so that .NET applications and libraries have correct, updated SBOMs for consumers of the software to use.

Describe the solution you'd like

This epic tracks the work list to complete integration of Microsoft.SBOM.Targets into the .NET SDK. In the simplest case, as soon as a user sets <GenerateSBOM>true<GenerateSBOM>, the SDK should

  • insert an implicit PackageReference to Microsoft.SBOM.Targets
  • ensure that the SBOM generation provided by that package is hooked into the publish target
  • ensure that relevant .NET toolchain information is provided to the SBOM generation to ensure that future analysis has good traceability of the artifacts

Sub-issues

Metadata

Metadata

Assignees

No one assigned

    Labels

    Area-NetSDKArea-SBOMEpicGroups multiple user stories. Can be grouped under a theme.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions