SBOM references to Trivy and Syft

vbakke · vbakke · commit 5eb5aad521f4 · 2025-09-21T23:51:22.000+02:00
diff --git a/src/assets/YAML/default/BuildAndDeployment/Build.yaml b/src/assets/YAML/default/BuildAndDeployment/Build.yaml
@@ -147,7 +147,9 @@ Build and Deployment:
         resources: 3
       usefulness: 3
       level: 2
-      implementation: []
+      implementation: 
+        - $ref: src/assets/YAML/default/implementations.yaml#/implementations/trivy
+        - $ref: src/assets/YAML/default/implementations.yaml#/implementations/syft
       references:
         samm2:
           - I-SB-1-A
diff --git a/src/assets/YAML/default/implementations.yaml b/src/assets/YAML/default/implementations.yaml
@@ -707,9 +707,14 @@ implementations:
     url: https://github.com/nccgroup/go-pillage-registries
   trivy:
     uuid: 7f500e95-2110-44c4-a1f8-cd7ef5d9eb6b
-    name: https://github.com/aquasecurity/trivy
+    name: Trivy
     tags: []
     url: https://github.com/aquasecurity/trivy
+  syft:
+    uuid: 7543a6f2-3850-47a9-bb2f-0987e2af6f6a
+    name: Syft
+    tags: [sbom, dependency]
+    url: https://github.com/anchore/syft
   grype:
     uuid: 7f500e95-2110-44c4-a1f8-cd7ef5d9eb6b
     name: Grype
