Details
-
User Story
-
Resolution: Unresolved
-
P3: Somewhat important
-
None
-
Qt Creator 15.0.0
-
None
Description
What is the benefit? Why is this valuable?
Making manual work to create SBOM (Software Bill of Materials) information unnecessary.
What are common use cases?
Licence due diligence and compliancy: Identifying copyright, license information for deliverables (license compliancy).
Configuration management / Cybersecurity: Identifying software components and versions that end up in deliverables.
Technical information
Relevant standards:
- SPDX
Attachments
Issue Links
- clones
-
QTBUG-120586 Create automated SBOM process for Qt framework and tools
-
- In Progress
-
- depends on
-
QTBUG-129609 Provide a public CMake API for user projects to generate an SBOM
-
- In Progress
-
Gerrit Reviews
For Gerrit Dashboard: QTCREATORBUG-31681 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
615674,58 | WIP: CMake: Generate an SPDX v2.3 SBOM for Qt Creator | master | qt-creator/qt-creator | Status: NEW | -2 | 0 |
632233,7 | WIP: CMake: Preliminary support for SBOM generation | qds/dev | qt-creator/tqtc-plugin-qtquickdesigner | Status: NEW | -2 | 0 |
632235,7 | WIP: CMake: Preliminary support for SBOM generation | qds/dev | qt-creator/plugin-telemetry | Status: NEW | -2 | 0 |
632283,8 | WIP: CMake: Annotate attribution json files to targets that use them | master | qt-creator/qt-creator | Status: NEW | -2 | -1 |
632287,9 | WIP: CMake: Add resources and other files to the SBOM | master | qt-creator/qt-creator | Status: NEW | -2 | 0 |
632643,5 | WIP: CMake: Generate an SBOM for the license checker | 16.0 | qt-creator/tqtc-plugin-licensechecker | Status: NEW | -2 | 0 |