Practical Guide to NTIA Compliant SBOM

In this post I will describe a specific example of how we can generate an SBOM compliant with the NTIA minimum specification. I will go over existing tooling, real-world issues and how to work around them. I. Problem Statement. The document by NTIA outlining minimum SBOM elements was published in 2021. Still, it is a challenge…

ReARM xBOM Manager is now Available

We have launched Project ReARM – SBOM / xBOM and Release Manager.

Community Edition is available on GitHub: https://github.com/relizaio/rearm

Project website: https://rearmhq.com

3 Dimensions of Versioning Problem

The versioning problem has been a significant part of my work for the last 6 years. During that time we wrote a versioning library used for automatic version bumps for various schemas. On several occasions I gave talks and produced materials on versioning, including my blog post on combinatorial explosion and another one on minor component…

The Value of Thinking

Over the years we have seen a lot of different attempts to properly manage the work of software developers and related technical specialists. One of the most grotesque examples is using Lines of Code as a key metric for developer productivity, as discussed in The Mythical Man-Month. Still, even today hourly-based contracts remain standard in the…