Standard Search
About 6 results
Common Package Specification
https://nesbitt.io/2026/04/13/common-package-specification.html · 13 Apr 2026
Not the cross-ecosystem format the name suggests.
package-managers metadata sbom deep-dive
Go Modules for Package Management Tooling
https://nesbitt.io/2026/02/19/go-modules-for-package-management-tooling.html · 19 Feb 2026
The Go modules behind git-pkgs, rebuilt from my Ruby supply chain libraries.
go sbom package-managers tools
Sandwich Bill of Materials
https://nesbitt.io/2026/02/08/sandwich-bill-of-materials.html · 8 Feb 2026
SBOM 1.0: A specification for sandwich supply chain transparency.
package-managers sbom satire
Package Management at FOSDEM 2026
https://nesbitt.io/2026/02/04/package-management-at-fosdem-2026.html · 4 Feb 2026
Summary of package management talks from FOSDEM 2026, covering supply chain security, attestations, SBOMs, dependency resolution, and distribution packaging across multiple devrooms.
package-managers conferences fosdem security sbom supply-chain
Could lockfiles just be SBOMs?
https://nesbitt.io/2025/12/23/could-lockfiles-just-be-sboms.html · 23 Dec 2025
Lockfiles and SBOMs record the same information in different formats. What if package managers used SBOMs directly, instead of converting later?
package-managers sbom idea
Supply Chain Security Tools for Ruby
https://nesbitt.io/2025/12/14/supply-chain-security-tools-for-ruby.html · 14 Dec 2025
Ruby implementations of PURL, VERS, SBOM, SWHID, and SARIF specs.
ruby sbom package-managers tools
110078 verified documents in index