A note about the hackathon label: I've flagged a bunch of issues for folk participating in the Open Source Ecosyststems Hackathon March 3-7. Please leave these issues to hackathon participants. if they're not claimed after, say, March 10th, they're fair game to other people (including GSoC participants).

Intel OSS Hackathon Team 1 will be working on this.

I think at this point, @shanscendent and our hackathon team are confident we aren't going to get changes in for this one! Up for grabs for anyone else who wants to give it a go :)

I'll pick it up if no one else from the hackathon is working on it. I'll wait until March 10th.

Hi @terriko , PR #4919 enforces CycloneDX SBOM extension checks (.json/.xml) to fix extension handling. Tests now validate error logging for invalid extensions and use existing SBOM files. Ensures compliance and robust error handling.

Hey @terriko and @22f1001635, I saw that a PR has been submitted—really appreciate the effort you put into it!

Just a heads-up, as per the contribution guidelines, I had already mentioned that I was working on this. No worries this time, but let’s keep it in mind going forward so we don’t end up duplicating work.

Hey, @Arnavk194 i am really sorry for this Actually, I had these solutions nearly complete by the time the maintainer gave it the hackathon tag. I am sorry for not providing the info prior