Frank HofmannMar 11

Extended material for #Python training. Added #SPDX classifier, and #Quicksort as sort algorithm

https://github.com/hofmannedv/training-python

Show threadtoscalixFeb 24
#cryptography #algorithm #spdx #exportcontrol #quantumready
Miroslav SuchýFeb 23
New #SPDX License List has been published https://github.com/spdx/license-list-XML/releases/tag/v3.28.0
It includes 33 new licenses and many markup changes to existing licenses. Many of them were added via #Fedora contributors and fedora-license-data.
Nordic Software Security SummiFeb 17

Proudly introducing our speaker Dr Allan Friedman! Allan will talk in the SBOM Focus conference on Friday April 10th. Registration is now open at https://nsss.se

#SBOM #CYCLONEDX #SPDX #CYBERSECURITY #CRA #EUCRA

0xKaishakuninFeb 13

Just stumbled upon the #SPDX #Crypto #List Group

This list provides a shared, unambiguous vocabulary for
identifying and #referencing #cryptographic #algorithms in Software Bill of
Materials (SBOMs), SPDX documents, and related tooling.

https://lists.spdx.org/g/spdx-security/topic/introduction_of_the_spdx/114545649

#cbom #sbom

Nordic Software Security SummiFeb 3

Our sister conference, SBOM FOCUS, is looking for speakers and sponsors. Registration will open soon!

#SBOM #CYCLONEDX #SPDX #CRA

OejFeb 2

Back from #FOSDEM and working on the new European SBOM conference in Stockholm April 10th. Send me your ideas for talks!

#SBOM #CYCLONEDX #SPDX #CYBERSECURITY #CRA #EUCRA

OejFeb 1

The slides for my presentation "Please sign your artefacts. WITH WHAT?" at #FOSDEM in the Security devroom are now available for viewing. A video will be coming soon.

https://fosdem.org/2026/schedule/event/RFFD3M-sign-your-artefacts/

#SBOM #SPDX #CYCLONEDX #OWASP #CYBERSECURITY #PKILOVE #pki

OejFeb 1

At the #AboutCode SBOM tools workshop we talked about creating a way of continuing the discussions. I've just created a #SBOM-tools slack channel in the @orcwg space. Join us to discuss #SBOM tools and interoperability!

https://orcwg.org/participate/

#SBOM #CYCLONEDX #SPDX #PURL

Get Involved in the Open Regulatory Compliance Working Group | Open Regulatory Compliance Working Group

The open source community is collaborating to establish common specifications for secure software development based on open source best practices.

Open Regulatory Compliance Working Group
shulhanJan 15

Finally, complete the v1 of spdxconv.

spdxconv is a program to convert existing licenses and copyrights into #SPDX identifiers or insert new ones. This program works in tandem with #reuse software.

Features:

* REUSE Integration: Detects annotations from REUSE.toml.
* Customizable Defaults: Set default license identifiers and copyright holders.
* Smart Comments: Customizable patterns to set comment syntax ...

See https://git.sr.ht/~shulhan/spdxconv/ for more information.

#openSource #golang