Still digging through this. There are tools that can list your packages if you install Linux packages, i.e. Debian. But there are no tools that can parse your kamailio config to really see what’s loaded and active.
It all depends on what you want to do with the SBOM - if you want to check for vulnerabilities, list licenses or have a generic inventory.
/O
On 28 Sep 2023, at 09:41, Henning Westerholt via sr-users sr-users@lists.kamailio.org wrote:
Hello,
I think Olle was looking into that some month ago, maybe (when he reads it) can share some of his research results if possible. You can also find some of his articles e.g., on his linkedin page.
Cheers,
Henning
-- Henning Westerholt – https://skalatan.de/blog/ Kamailio services – https://gilawa.com https://gilawa.com/
From: Ivan Ribakov via sr-users <sr-users@lists.kamailio.org mailto:sr-users@lists.kamailio.org> Sent: Mittwoch, 27. September 2023 21:11 To: Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org mailto:sr-users@lists.kamailio.org> Cc: Ivan Ribakov <i.ribakov@zaleos.net mailto:i.ribakov@zaleos.net> Subject: [SR-Users] Software bill of materials (SBOM)
Any recommendations for a tool that can generate SBOM for a Kamailio instance based on configured modules?
Thanks, Ivan __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-leave@lists.kamailio.org mailto:sr-users-leave@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: