feat: validate SBOM result

Open jkowalleck opened this issue 1 year ago • 3 comments

validate SBOM result. shoudl be able to disable vi CLI option --no-validate. (enable via --validate)

Mar 04 '24 20:03 jkowalleck

currently not possible due to technocal limitations -- see #52

Mar 29 '24 14:03 jkowalleck

#52 proved, that this feature is not that easy: XML validation requires gyp - which is not bundle-able as a plugin ... and then the schema files are not resolvable by bundlers ... so again we cannot have this feature hre ...

Mar 29 '24 18:03 jkowalleck

even though the validation is not possible in the yarn plugin itself, it might be possible for the CLI wrapper that is issued by yarn dlx?

May 28 '24 03:05 jkowalleck