What’s in your code? Why you need a software bill of materials

Kent Sharkey

Infoworld[^]:

When developers and suppliers carefully list the tools used to build an application and what third-party components are included, IT can improve software patching and updates.

*may contain nuts

Duncan Edwards Jones

Not a bad idea - especially for third party libraries. Falls down a bit when copy-pasta coder gets going though.

Erik Burd

I work in medical devices and we're required to keep a list of software that we use. We spell out which libraries, version number and download link in case of an audit.

"Computer games don't affect kids; I mean if Pac-Man affected us as kids, we'd all be running around in darkened rooms, munching magic pills and listening to repetitive electronic music." -- Marcus Brigstocke, British Comedian