diff --git a/.github/workflows/build-and-publish-page.yml b/.github/workflows/build-and-publish-page.yml
index b0b4dc3..a5c1be0 100644
--- a/.github/workflows/build-and-publish-page.yml
+++ b/.github/workflows/build-and-publish-page.yml
@@ -1,8 +1,9 @@
name: Node.js CI
on:
- release:
- types: [published]
+ push:
+ branches:
+ - main
workflow_dispatch:
@@ -18,20 +19,35 @@ jobs:
with:
node-version: 'lts/*'
+ # Build main page for the wiki
+ - name: Install dependencies
+ run: cd SBOM-wiki && npm install
+
+ - name: Run build
+ run: cd SBOM-wiki && npm run build
+
+ # Build the SBOM Catalog and copy the artifact to the wiki
- name: Install dependencies
run: cd SBOM-Catalog && npm install
+ - name: Run lint
+ run: cd SBOM-Catalog && npm run lint
+
- name: Run build
run: cd SBOM-Catalog && npm run build
+ - name: copy Catalog to build artifact
+ run: rm -rf SBOM-wiki/.vitepress/dist/catalog/* && mv SBOM-Catalog/dist/* SBOM-wiki/.vitepress/dist/catalog
+
+ # Publish all aritifacts
- name: Upload pages artifact to action workflow
uses: actions/upload-artifact@v4
with:
name: pages-build-artifact
- path: SBOM-Catalog/dist
+ path: SBOM-wiki/.vitepress/dist/
- name: Create zip for release file
- run: zip -r sbom-catalog-${{github.ref_name}}.zip SBOM-Catalog/dist
+ run: zip -r sbom-catalog-${{github.ref_name}}.zip SBOM-wiki/.vitepress/dist
- name: Upload pages release asset
uses: softprops/action-gh-release@v2
@@ -41,9 +57,10 @@ jobs:
- name: Deploy
uses: JamesIves/github-pages-deploy-action@v4
with:
- folder: SBOM-Catalog/dist
+ folder: SBOM-wiki/.vitepress/dist
branch: gh-pages
+ # Create a SBOM with Syft for SPDX
create_spdx_sbom:
runs-on: ubuntu-latest
@@ -61,6 +78,7 @@ jobs:
artifact-name: sbom-catalog-${{github.ref_name}}.spdx.json
format: spdx-json
+ # Create a SBOM with Syft for CycloneDX
create_cdx_sbom:
runs-on: ubuntu-latest
diff --git a/.github/workflows/build-pull-request.yml b/.github/workflows/build-pull-request.yml
index f9cce5d..e1edcae 100644
--- a/.github/workflows/build-pull-request.yml
+++ b/.github/workflows/build-pull-request.yml
@@ -3,8 +3,10 @@ name: CI
on:
pull_request:
+ workflow_dispatch:
+
jobs:
- build:
+ build-catalog:
runs-on: ubuntu-latest
steps:
@@ -18,5 +20,26 @@ jobs:
- name: Install dependencies
run: cd SBOM-Catalog && npm install
+ - name: Run lint
+ run: cd SBOM-Catalog && npm run lint
+
+ - name: Run build
+ run: cd SBOM-Catalog && npm run build
+
+
+ build-wiki:
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Use Node.js
+ uses: actions/setup-node@v4
+ with:
+ node-version: 'lts/*'
+
+ - name: Install dependencies
+ run: cd SBOM-wiki && npm install
+
- name: Run build
- run: cd SBOM-Catalog && npm run build
\ No newline at end of file
+ run: cd SBOM-wiki && npm run build
diff --git a/SBOM-Catalog/package-lock.json b/SBOM-Catalog/package-lock.json
index f8fba7a..5284e9e 100644
--- a/SBOM-Catalog/package-lock.json
+++ b/SBOM-Catalog/package-lock.json
@@ -1033,27 +1033,27 @@
}
},
"node_modules/@volar/language-core": {
- "version": "2.4.0-alpha.7",
- "resolved": "https://registry.npmjs.org/@volar/language-core/-/language-core-2.4.0-alpha.7.tgz",
- "integrity": "sha512-3ncRpnoVHCTzJeTiUyKwFTLb3jGfe1r5+S3MwRDPEjsV4LID6Rq6EmdRoF+aKw+Iwg63x4nV+/KYZjeYrp5mNA==",
+ "version": "2.4.0-alpha.12",
+ "resolved": "https://registry.npmjs.org/@volar/language-core/-/language-core-2.4.0-alpha.12.tgz",
+ "integrity": "sha512-Dj9qTifcGGgzFLfMbU5dCo13kHyNuEyvPJhtWDnoVBBmgwW3GMwFmgWnNxBhjf63m5x0gux1okaxX2CLN7qSww==",
"dev": true,
"dependencies": {
- "@volar/source-map": "2.4.0-alpha.7"
+ "@volar/source-map": "2.4.0-alpha.12"
}
},
"node_modules/@volar/source-map": {
- "version": "2.4.0-alpha.7",
- "resolved": "https://registry.npmjs.org/@volar/source-map/-/source-map-2.4.0-alpha.7.tgz",
- "integrity": "sha512-yn66qcUXxUCyyW8PXMHE4z9RdfTO1OhP6BMa/JI0Ed6I6bggzkxvXsJOaMqw3EalCskGPuIWAbWgxwa3Hlp7SA==",
+ "version": "2.4.0-alpha.12",
+ "resolved": "https://registry.npmjs.org/@volar/source-map/-/source-map-2.4.0-alpha.12.tgz",
+ "integrity": "sha512-LXATFSj4D7T9sEm7FFj6iBgHjKjrdhAgRPcechVKiNCMQdr3r3GVkkeu8aM+1peaMH3LsCqoDxVZEmh2r7CHiw==",
"dev": true
},
"node_modules/@volar/typescript": {
- "version": "2.4.0-alpha.7",
- "resolved": "https://registry.npmjs.org/@volar/typescript/-/typescript-2.4.0-alpha.7.tgz",
- "integrity": "sha512-MjvkhcIYPDZS5vbE4bSvbWi8z/VI47AY8MkPVgfa6xqTDLLxV6+QulJ8hIC3wYxh3dfVmA5MOoL5c3cZAsWbDQ==",
+ "version": "2.4.0-alpha.12",
+ "resolved": "https://registry.npmjs.org/@volar/typescript/-/typescript-2.4.0-alpha.12.tgz",
+ "integrity": "sha512-mLg+OQauMTv/+08a7WBWJo1sev/wc8t2is0zhBZIlFU+j5mG89FM4+4089c2p/zoUFZ400Q/VNg2BPfhpZ8wSA==",
"dev": true,
"dependencies": {
- "@volar/language-core": "2.4.0-alpha.7",
+ "@volar/language-core": "2.4.0-alpha.12",
"path-browserify": "^1.0.1",
"vscode-uri": "^3.0.8"
}
@@ -2092,9 +2092,9 @@
}
},
"node_modules/eslint-plugin-vue": {
- "version": "9.26.0",
- "resolved": "https://registry.npmjs.org/eslint-plugin-vue/-/eslint-plugin-vue-9.26.0.tgz",
- "integrity": "sha512-eTvlxXgd4ijE1cdur850G6KalZqk65k1JKoOI2d1kT3hr8sPD07j1q98FRFdNnpxBELGPWxZmInxeHGF/GxtqQ==",
+ "version": "9.27.0",
+ "resolved": "https://registry.npmjs.org/eslint-plugin-vue/-/eslint-plugin-vue-9.27.0.tgz",
+ "integrity": "sha512-5Dw3yxEyuBSXTzT5/Ge1X5kIkRTQ3nvBn/VwPwInNiZBSJOO/timWMUaflONnFBzU6NhB68lxnCda7ULV5N7LA==",
"dev": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.4.0",
@@ -2103,7 +2103,7 @@
"nth-check": "^2.1.1",
"postcss-selector-parser": "^6.0.15",
"semver": "^7.6.0",
- "vue-eslint-parser": "^9.4.2",
+ "vue-eslint-parser": "^9.4.3",
"xml-name-validator": "^4.0.0"
},
"engines": {
diff --git a/SBOM-Catalog/vite.config.ts b/SBOM-Catalog/vite.config.ts
index cbadd76..cad5e3c 100644
--- a/SBOM-Catalog/vite.config.ts
+++ b/SBOM-Catalog/vite.config.ts
@@ -4,6 +4,7 @@ import vue from '@vitejs/plugin-vue'
// https://vitejs.dev/config/
export default defineConfig({
assetsInclude: ['**/*.yaml'],
- base: '/',
+ base: '/catalog/',
+ // base: '/sbom-everywhere/catalog/',
plugins: [vue()],
})
diff --git a/SBOM-wiki/.gitignore b/SBOM-wiki/.gitignore
new file mode 100644
index 0000000..a547bf3
--- /dev/null
+++ b/SBOM-wiki/.gitignore
@@ -0,0 +1,24 @@
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+node_modules
+dist
+dist-ssr
+*.local
+
+# Editor directories and files
+.vscode/*
+!.vscode/extensions.json
+.idea
+.DS_Store
+*.suo
+*.ntvs*
+*.njsproj
+*.sln
+*.sw?
diff --git a/SBOM-wiki/.vitepress/config.mts b/SBOM-wiki/.vitepress/config.mts
new file mode 100644
index 0000000..e3eea9a
--- /dev/null
+++ b/SBOM-wiki/.vitepress/config.mts
@@ -0,0 +1,52 @@
+import { defineConfig } from 'vitepress'
+
+// https://vitepress.dev/reference/site-config
+export default defineConfig({
+ // base: "/sbom-everywhere/",
+ title: "SBOM-Everywhere Wiki",
+ description: "Information and advice about using SBOM in open source projects.",
+ themeConfig: {
+ search: {
+ provider: "local"
+ },
+
+ // https://vitepress.dev/reference/default-theme-config
+ nav: [
+ { text: 'Home', link: '/' },
+ { text: 'Basics', link: '/basics' },
+ { text: 'About us', link: '/about-us'}
+ ],
+
+ sidebar: [
+ {
+ text: 'Essentials',
+ items: [
+ { text: 'Basics', link: '/basics' },
+ { text: 'Getting Started', link: '/getting-started' },
+ { text: 'Glossary', link: '/glossery' },
+ { text: 'FAQ', link: '/faq' }
+ ]
+ },
+ {
+ text: 'Cataloges',
+ items: [
+ { text: 'SBOM Tools', link: 'https://sbom-catalog.openssf.org/catalog/' },
+ { text: 'SBOM Compliance', link: '/sbom-compliance' },
+ { text: 'SBOM working groups', link: '/sbom-working-groups'},
+ { text: 'SBOM Example Integrations', link: '/example-integrations' }
+ ]
+ },
+ {
+ text: 'Guidance',
+ items: [
+ { text: 'SBOM Types', link: '/sbom-types' },
+ { text: 'SBOM Naming', link: '/sbom-naming' },
+ { text: 'About us', link: '/about-us'}
+ ]
+ }
+ ],
+ socialLinks: [
+ { icon: 'github', link: 'https://github.com/ossf/sbom-everywhere' }
+ ]
+ }
+})
diff --git a/SBOM-wiki/.vitepress/theme/index.js b/SBOM-wiki/.vitepress/theme/index.js
new file mode 100644
index 0000000..0cb3424
--- /dev/null
+++ b/SBOM-wiki/.vitepress/theme/index.js
@@ -0,0 +1,9 @@
+import DefaultTheme from 'vitepress/theme'
+
+/** @type {import('vitepress').Theme} */
+export default {
+ extends: DefaultTheme,
+ enhanceApp({ app }) {
+ // register your custom global components
+ }
+}
\ No newline at end of file
diff --git a/SBOM-wiki/about-us.md b/SBOM-wiki/about-us.md
new file mode 100644
index 0000000..a811dd2
--- /dev/null
+++ b/SBOM-wiki/about-us.md
@@ -0,0 +1,120 @@
+# SBOM Everywhere SIG (About us)
+
+# OSSF SBOM Everywhere SIG
+
+Home of the OpenSSF SBOM Everywhere SIG. We're glad you're here!
+
+## Get Involved
+
+* Official communications occur on the [openssf-sig-sbom](https://lists.openssf.org/g/openssf-sig-sbom) mailing list
+ * [Manage your subscriptions to Open SSF mailing lists](https://lists.openssf.org/g/main/subgroups)
+* We have a [Slack Channel](https://openssf.slack.com/archives/C03GKSYFRC0) for discussion various SBOM related activities
+
+### Meeting times
+
+* Every other Tuesday @ 11:05am EST. The invite is available on the [OpenSSF Community Calendar](https://calendar.google.com/calendar/u/0/r?cid=czYzdm9lZmhwNWk5cGZsdGI1cTY3bmdwZXNAZ3JvdXAuY2FsZW5kYXIuZ29vZ2xlLmNvbQ).
+* [Meeting Minutes](https://docs.google.com/document/d/193ODRga1F49WKPYYR79SNi9b27mChBqpOf5iiWJcMso/edit#heading=h.xqitfd6hs1gc) can be found in this Google Document. Feel free to add agenda items, please put your name next to items you add.
+
+## Motivation
+
+- The initial motivation for the formation of the OSSF SBOM Everywhere SIG is born from OpenSSF's [The Open Source Software Security Mobilization Plan](reference/mobilization_plan.pdf). SBOM standardization and consensus from within the open source community is integral to adoption of universal constructs that reveal themselves via the exploration of use cases beyond a compliance check box.
+
+## Objective
+
+### The 3 overarching goals from the White House meeting
+- Securing OSS Production: focus on preventing security defects and
+ vulnerabilities in code and open source packages in the first place
+- Improving Vulnerability Discovery & Remediation: improving the process
+ for finding defects and fixing them
+- Shorten Ecosystem Patching Response Time: Shorten the response time for
+ distributing and implementing fixes.
+
+### The goals for this group as defined in the mobilization plan
+- The requirements needed to build use cases using SBOMs are clearly
+ understood, documented and implemented in current SBOM specifications
+- There are “friction free” open source tools that generate SBOMs that meet
+ these requirements
+- There is readily accessible education, awareness and implementation
+ guidance and 3rd party support
+
+
+
+
+## Scope
+
+The mobilization plan defines scope as
+_By focusing on tools and advocacy, we can remove the barriers to
+generation, consumption, and overall adoption of SBOMs everywhere, we can
+improve the security posture of the entire open source ecosystem:
+producers, consumers, and maintainers._
+
+
+
+### Formatting Specifications
+
+For the purposes of establishing ubiquity to ensure sustainability for SBOM related tooling, and future solutions for consumption, “supported” formats must be defined. At this time there are two supported formats that will be in scope for the purposes of this group: [CycloneDX](https://cyclonedx.org) and [SPDX](https://spdx.dev).
+
+Utilization of these specifications would likely be discretionary and interchangeable depending on the use case and SBOM type and the requirements of individual organizations and internal tooling.
+
+This group's interpretation is
+- [Use cases](https://docs.google.com/document/d/15X0TspuxUg19YScqNK1tl5kYpJV2xOrcuSx6CwanYZ0/edit#)
+- Defining types of SBOMs
+ - Source
+ - Binary analysis
+ - Build
+ - Deploy Runtime
+- Generation
+ - Formats - clearly define expectations
+- Consumption
+ - How do we track and encourage the consumption of the artifacts
+ - something about tools
+- Adoption (how do we encourage others to create and use SBOMs)
+ - Something about producers, consumers, and maintainers
+ - Where does the burden lie on accountability and enforcement?
+ - something about tools
+ - Tools are everywhere, what do we do with this?
+ - something about advocacy
+- Attestation?
+ - Not part of tooling, this needs to be a policy decision in these
+ conversations, don't worry about the technical details (yet)
+ - Where does this fit in? Producers, consumers, ???
+ - https://github.com/in-toto/attestation
+- Compliance (regulated industry)
+
+The Federal Government exists at every point of the Software Delivery Lifecycle, hence their minimum requirements are good guides to establish a baseline scope.
+- Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations [NIST SP 800-161 Rev. 1](https://csrc.nist.gov/publications/detail/sp/800-161/rev-1/final)
+- [Executive Order 14028](https://www.nist.gov/itl/executive-order-14028-improving-nations-cybersecurity/software-security-supply-chains)
+- 
+- [Minimum Standards for Federal Government End Users](https://www.nist.gov/itl/executive-order-improving-nations-cybersecurity/recommended-minimum-standard-vendor-or-developer)
+
+
+## SBOM Catalog
+To provide a better overview of the available tooling and their capabilities, this group maintains an SBOM Catalog which can be found under the following link:
+
+[https://ossf.github.io/sbom-everywhere/](https://ossf.github.io/sbom-everywhere/)
+
+If you want to get involved, please see the document [here](https://github.com/ossf/sbom-everywhere/SBOM-Catalog/contribute.md)
+
+
+## Prior Work
+### NTIA
+- [NTIA SBOM Resources](https://ntia.gov/SBOM)
+- [Software Bill of Materials Elements and Considerations](https://www.regulations.gov/docket/NTIA-2021-0001/document)
+- [Plan to Congress on Declassification and Clearances related to The Communications Supply Chain Risk Information Partnership](https://ntia.gov/files/ntia/publications/ntia_plan_on_declassification_and_clearances_re_c-scrip.pdf)
+
+NTIA's legwork has been a guiding source having done the most comprehensive research to date.
+
+### CISA
+- [CISA SBOM Resources](https://www.cisa.gov/sbom)
+
+### OWASP SCVS
+- [OWASP SCVS Resources](https://owasp.org/scvs)
+
+#### Tickets related to BOM Maturity model:
+- [OWASP/Software-Component-Verification-Standard#34](https://github.com/OWASP/Software-Component-Verification-Standard/issues/34)
+- [OWASP/Software-Component-Verification-Standard#35](https://github.com/OWASP/Software-Component-Verification-Standard/issues/35)
+- [OWASP/Software-Component-Verification-Standard#36](https://github.com/OWASP/Software-Component-Verification-Standard/issues/36)
+
+## Governance
+
+The [CHARTER.md](https://github.com/ossf/sbom-everywhere/CHARTER.md) outlines the scope and governance of our group activities.
\ No newline at end of file
diff --git a/SBOM-wiki/basics.md b/SBOM-wiki/basics.md
new file mode 100644
index 0000000..b9c34fc
--- /dev/null
+++ b/SBOM-wiki/basics.md
@@ -0,0 +1,5 @@
+# Basics
+
+::: warning Work in Progress
+This site is Work in progress and just a concept.
+:::
\ No newline at end of file
diff --git a/SBOM-wiki/catalog/index.md b/SBOM-wiki/catalog/index.md
new file mode 100644
index 0000000..c6ed45b
--- /dev/null
+++ b/SBOM-wiki/catalog/index.md
@@ -0,0 +1,3 @@
+::: warning
+THIS IS A PLACEHOLDER FOR THE SBOM CATALOG THAT GETS DEPLOYED HERE. DONT USE THIS PATH FOR OTHER RESOURCES!
+:::
\ No newline at end of file
diff --git a/SBOM-wiki/example-integrations.md b/SBOM-wiki/example-integrations.md
new file mode 100644
index 0000000..b26ca30
--- /dev/null
+++ b/SBOM-wiki/example-integrations.md
@@ -0,0 +1,5 @@
+# Example integrations
+
+::: warning Work in Progress
+This site is Work in progress and just a concept.
+:::
\ No newline at end of file
diff --git a/SBOM-wiki/faq.md b/SBOM-wiki/faq.md
new file mode 100644
index 0000000..480428c
--- /dev/null
+++ b/SBOM-wiki/faq.md
@@ -0,0 +1,5 @@
+# Frequently asked questions
+
+::: warning Work in Progress
+This site is Work in progress and just a concept.
+:::
\ No newline at end of file
diff --git a/SBOM-wiki/getting-started.md b/SBOM-wiki/getting-started.md
new file mode 100644
index 0000000..22f2f02
--- /dev/null
+++ b/SBOM-wiki/getting-started.md
@@ -0,0 +1,26 @@
+# Getting Started
+
+## Select an SBOM-Generation Phase
+Depending on the technology stack used, the phase of the software development lifecycle in which an SBOM is generated can significantly affect its quality. The different phases are explained in more detail in the [SBOM types](/sbom-types). For open-source projects, it is most beneficial to provide a source or a build SBOM, giving the consumer insights into the composition of a project build before it is compiled into an artifact. This provides access to details of the project composition that might otherwise remain hidden. While providing an SBOM based on the analysis of a build artifact can also be useful, such an SBOM can be produced by the user with their preferred tooling.
+
+## Choose a Generation Methodology
+Assuming the goal is to produce a source or build SBOM for a project, it should be decided whether the SBOM generation should be part of the build process (like a plugin added to the build tooling) or if a separate tool should be applied to the repository during the build.
+
+### SBOM Generation in the Build Process
+Adding SBOM generation directly to the build process might produce the best results. The SBOM is based on the build information directly and can therefore represent most of the complexity, such as traversing dependencies or dynamic dependency resolving with variables or version ranges. However, integrating SBOM generation into the build process can complicate changes. Additionally, if the project is composed of several technologies, each requiring its own build tooling and corresponding SBOM plugins, merging the SBOM generation results might be very challenging. Most build plugins only support one of the two SBOM standards, necessitating the choice of one standard or the integration of two SBOM plugins to cover SPDX and CycloneDX separately. This can also lead to additional complexity because these plugins can report different findings for the same project.
+
+> In summary, integrating SBOM generation into the build process via plugins might produce the best results but can add a lot of additional complexities. However, only a few or none of these constraints may apply to a project.
+
+### SBOM Generation with a Separate Tool
+There are also tools that can be applied to the sources of a project without relying on a build integration. Tools like Syft, Trivy, or CdxGen can be used in this manner. While they are easier to integrate and operate within a project, they might not produce the best quality SBOM. Depending on the technology stack and build setup, it can be harder to resolve traversing dependencies, versions from version ranges or variables might be incorrect or missing, and license information might be wrong or missing (you can find some test reports [here](https://mariuxdeangelo.gitlab.io/website/#/post/20230924-SBOM-dependency-semantics-SPDX-and-CycloneDx)). On the plus side, they are easy to integrate, often support both SBOM standards (SPDX and CycloneDX), and can cover projects using several technologies in the same repository (no merging of SBOM data required).
+
+> In summary, generating the SBOM with a separate tool is a good start and can be easier, but the results might be more accurate if derived from the build process. Nevertheless, the results might still be able to meet the requirements of the *NTIA minimum elements for an SBOM* (US regulations) or the requirements set by the *EU CRA* (EU regulations).
+
+## Select an SBOM Tool
+To select a tool, check out our tooling [catalog](/catalog/index.html).
+
+## Integrate into Your Build
+When integrating an SBOM generator into a project, it is important to ensure that each artifact gets its own SBOM. This is not an issue if the project produces only one artifact. However, if the project is, for example, a monorepository holding several products built for different platforms using diverging dependencies, it is important to provide separate SBOMs for each of them.
+
+## Publish with Your Artifacts
+An SBOM should be published along with its artifacts. It can also be considered to publish an SBOM inside an artifact to make it inseparable from the provided artifact. Further guidance is provided by the [SBOM naming](sbom-naming.md) document.
\ No newline at end of file
diff --git a/SBOM-wiki/glossery.md b/SBOM-wiki/glossery.md
new file mode 100644
index 0000000..780b81b
--- /dev/null
+++ b/SBOM-wiki/glossery.md
@@ -0,0 +1,15 @@
+# Glossery
+
+::: warning Work in Progress
+This site is Work in progress and just a concept.
+:::
+
+### SBOM
+
+A Software Bill of Materials (SBOM) is a structured record that identifies the components and their relationships within a software product. It functions like an ingredients list, detailing the various software components and their versions that make up a final software product. This record helps with transparency in the software supply chain, enabling better understanding, management, and ultimately, improved security of the software.
+
+### SPDX
+
+### CycloneDX
+
+### SWID
diff --git a/SBOM-wiki/index.md b/SBOM-wiki/index.md
new file mode 100644
index 0000000..f4982f8
--- /dev/null
+++ b/SBOM-wiki/index.md
@@ -0,0 +1,61 @@
+---
+# https://vitepress.dev/reference/default-theme-home-page
+layout: home
+
+hero:
+ name: "SBOM-Everywhere"
+ text: "SBOMs in open source projects"
+ tagline: Adding SBOMs to Open Source Projects.
+ actions:
+ - theme: brand
+ text: Getting started
+ link: /getting-started
+ - theme: brand
+ text: Tooling Catalog
+ link: https://sbom-catalog.openssf.org/catalog/
+ image:
+ src: thumbnail.webp
+ alt: SBOM catalog
+
+features:
+ - title: SBOM Catalog
+ details: Looking for the right SBOM tooling? Explore our interactive catalog.
+ link: https://sbom-catalog.openssf.org/catalog/
+ - title: SBOM Types
+ details: What types of SBOMs are there and what do I need?
+ link: /sbom-types
+ - title: SBOM Naming
+ details: Wondering were to put and how to name your SBOMs? Look here for best practices.
+ link: /sbom-naming
+ - title: Examples
+ details: Looking for examples and references, how other Open Source Projects integrated SBOM.
+ link: /example-implementation
+ - title: SBOM in compliance
+ details: Wondering who requires SBOM and want to see a list referencing the sources? Here's a list of laws, guidelines and requirements mandating SBOMs.
+ link: /sbom-compliance
+ - title: Working Groups
+ details: Do you want to join, contribute or ask questions. Her is a list of working groups.
+ link: sbom-everywhere-sig
+---
+
+
\ No newline at end of file
diff --git a/SBOM-wiki/package-lock.json b/SBOM-wiki/package-lock.json
new file mode 100644
index 0000000..8276135
--- /dev/null
+++ b/SBOM-wiki/package-lock.json
@@ -0,0 +1,1675 @@
+{
+ "name": "SBOM-wiki",
+ "lockfileVersion": 3,
+ "requires": true,
+ "packages": {
+ "": {
+ "devDependencies": {
+ "vitepress": "^1.2.2"
+ }
+ },
+ "node_modules/@algolia/autocomplete-core": {
+ "version": "1.9.3",
+ "resolved": "https://registry.npmjs.org/@algolia/autocomplete-core/-/autocomplete-core-1.9.3.tgz",
+ "integrity": "sha512-009HdfugtGCdC4JdXUbVJClA0q0zh24yyePn+KUGk3rP7j8FEe/m5Yo/z65gn6nP/cM39PxpzqKrL7A6fP6PPw==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/autocomplete-plugin-algolia-insights": "1.9.3",
+ "@algolia/autocomplete-shared": "1.9.3"
+ }
+ },
+ "node_modules/@algolia/autocomplete-plugin-algolia-insights": {
+ "version": "1.9.3",
+ "resolved": "https://registry.npmjs.org/@algolia/autocomplete-plugin-algolia-insights/-/autocomplete-plugin-algolia-insights-1.9.3.tgz",
+ "integrity": "sha512-a/yTUkcO/Vyy+JffmAnTWbr4/90cLzw+CC3bRbhnULr/EM0fGNvM13oQQ14f2moLMcVDyAx/leczLlAOovhSZg==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/autocomplete-shared": "1.9.3"
+ },
+ "peerDependencies": {
+ "search-insights": ">= 1 < 3"
+ }
+ },
+ "node_modules/@algolia/autocomplete-preset-algolia": {
+ "version": "1.9.3",
+ "resolved": "https://registry.npmjs.org/@algolia/autocomplete-preset-algolia/-/autocomplete-preset-algolia-1.9.3.tgz",
+ "integrity": "sha512-d4qlt6YmrLMYy95n5TB52wtNDr6EgAIPH81dvvvW8UmuWRgxEtY0NJiPwl/h95JtG2vmRM804M0DSwMCNZlzRA==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/autocomplete-shared": "1.9.3"
+ },
+ "peerDependencies": {
+ "@algolia/client-search": ">= 4.9.1 < 6",
+ "algoliasearch": ">= 4.9.1 < 6"
+ }
+ },
+ "node_modules/@algolia/autocomplete-shared": {
+ "version": "1.9.3",
+ "resolved": "https://registry.npmjs.org/@algolia/autocomplete-shared/-/autocomplete-shared-1.9.3.tgz",
+ "integrity": "sha512-Wnm9E4Ye6Rl6sTTqjoymD+l8DjSTHsHboVRYrKgEt8Q7UHm9nYbqhN/i0fhUYA3OAEH7WA8x3jfpnmJm3rKvaQ==",
+ "dev": true,
+ "peerDependencies": {
+ "@algolia/client-search": ">= 4.9.1 < 6",
+ "algoliasearch": ">= 4.9.1 < 6"
+ }
+ },
+ "node_modules/@algolia/cache-browser-local-storage": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/cache-browser-local-storage/-/cache-browser-local-storage-4.24.0.tgz",
+ "integrity": "sha512-t63W9BnoXVrGy9iYHBgObNXqYXM3tYXCjDSHeNwnsc324r4o5UiVKUiAB4THQ5z9U5hTj6qUvwg/Ez43ZD85ww==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/cache-common": "4.24.0"
+ }
+ },
+ "node_modules/@algolia/cache-common": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/cache-common/-/cache-common-4.24.0.tgz",
+ "integrity": "sha512-emi+v+DmVLpMGhp0V9q9h5CdkURsNmFC+cOS6uK9ndeJm9J4TiqSvPYVu+THUP8P/S08rxf5x2P+p3CfID0Y4g==",
+ "dev": true
+ },
+ "node_modules/@algolia/cache-in-memory": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/cache-in-memory/-/cache-in-memory-4.24.0.tgz",
+ "integrity": "sha512-gDrt2so19jW26jY3/MkFg5mEypFIPbPoXsQGQWAi6TrCPsNOSEYepBMPlucqWigsmEy/prp5ug2jy/N3PVG/8w==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/cache-common": "4.24.0"
+ }
+ },
+ "node_modules/@algolia/client-account": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/client-account/-/client-account-4.24.0.tgz",
+ "integrity": "sha512-adcvyJ3KjPZFDybxlqnf+5KgxJtBjwTPTeyG2aOyoJvx0Y8dUQAEOEVOJ/GBxX0WWNbmaSrhDURMhc+QeevDsA==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/client-common": "4.24.0",
+ "@algolia/client-search": "4.24.0",
+ "@algolia/transporter": "4.24.0"
+ }
+ },
+ "node_modules/@algolia/client-analytics": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/client-analytics/-/client-analytics-4.24.0.tgz",
+ "integrity": "sha512-y8jOZt1OjwWU4N2qr8G4AxXAzaa8DBvyHTWlHzX/7Me1LX8OayfgHexqrsL4vSBcoMmVw2XnVW9MhL+Y2ZDJXg==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/client-common": "4.24.0",
+ "@algolia/client-search": "4.24.0",
+ "@algolia/requester-common": "4.24.0",
+ "@algolia/transporter": "4.24.0"
+ }
+ },
+ "node_modules/@algolia/client-common": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/client-common/-/client-common-4.24.0.tgz",
+ "integrity": "sha512-bc2ROsNL6w6rqpl5jj/UywlIYC21TwSSoFHKl01lYirGMW+9Eek6r02Tocg4gZ8HAw3iBvu6XQiM3BEbmEMoiA==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/requester-common": "4.24.0",
+ "@algolia/transporter": "4.24.0"
+ }
+ },
+ "node_modules/@algolia/client-personalization": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/client-personalization/-/client-personalization-4.24.0.tgz",
+ "integrity": "sha512-l5FRFm/yngztweU0HdUzz1rC4yoWCFo3IF+dVIVTfEPg906eZg5BOd1k0K6rZx5JzyyoP4LdmOikfkfGsKVE9w==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/client-common": "4.24.0",
+ "@algolia/requester-common": "4.24.0",
+ "@algolia/transporter": "4.24.0"
+ }
+ },
+ "node_modules/@algolia/client-search": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/client-search/-/client-search-4.24.0.tgz",
+ "integrity": "sha512-uRW6EpNapmLAD0mW47OXqTP8eiIx5F6qN9/x/7HHO6owL3N1IXqydGwW5nhDFBrV+ldouro2W1VX3XlcUXEFCA==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/client-common": "4.24.0",
+ "@algolia/requester-common": "4.24.0",
+ "@algolia/transporter": "4.24.0"
+ }
+ },
+ "node_modules/@algolia/logger-common": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/logger-common/-/logger-common-4.24.0.tgz",
+ "integrity": "sha512-LLUNjkahj9KtKYrQhFKCzMx0BY3RnNP4FEtO+sBybCjJ73E8jNdaKJ/Dd8A/VA4imVHP5tADZ8pn5B8Ga/wTMA==",
+ "dev": true
+ },
+ "node_modules/@algolia/logger-console": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/logger-console/-/logger-console-4.24.0.tgz",
+ "integrity": "sha512-X4C8IoHgHfiUROfoRCV+lzSy+LHMgkoEEU1BbKcsfnV0i0S20zyy0NLww9dwVHUWNfPPxdMU+/wKmLGYf96yTg==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/logger-common": "4.24.0"
+ }
+ },
+ "node_modules/@algolia/recommend": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/recommend/-/recommend-4.24.0.tgz",
+ "integrity": "sha512-P9kcgerfVBpfYHDfVZDvvdJv0lEoCvzNlOy2nykyt5bK8TyieYyiD0lguIJdRZZYGre03WIAFf14pgE+V+IBlw==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/cache-browser-local-storage": "4.24.0",
+ "@algolia/cache-common": "4.24.0",
+ "@algolia/cache-in-memory": "4.24.0",
+ "@algolia/client-common": "4.24.0",
+ "@algolia/client-search": "4.24.0",
+ "@algolia/logger-common": "4.24.0",
+ "@algolia/logger-console": "4.24.0",
+ "@algolia/requester-browser-xhr": "4.24.0",
+ "@algolia/requester-common": "4.24.0",
+ "@algolia/requester-node-http": "4.24.0",
+ "@algolia/transporter": "4.24.0"
+ }
+ },
+ "node_modules/@algolia/requester-browser-xhr": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/requester-browser-xhr/-/requester-browser-xhr-4.24.0.tgz",
+ "integrity": "sha512-Z2NxZMb6+nVXSjF13YpjYTdvV3032YTBSGm2vnYvYPA6mMxzM3v5rsCiSspndn9rzIW4Qp1lPHBvuoKJV6jnAA==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/requester-common": "4.24.0"
+ }
+ },
+ "node_modules/@algolia/requester-common": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/requester-common/-/requester-common-4.24.0.tgz",
+ "integrity": "sha512-k3CXJ2OVnvgE3HMwcojpvY6d9kgKMPRxs/kVohrwF5WMr2fnqojnycZkxPoEg+bXm8fi5BBfFmOqgYztRtHsQA==",
+ "dev": true
+ },
+ "node_modules/@algolia/requester-node-http": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/requester-node-http/-/requester-node-http-4.24.0.tgz",
+ "integrity": "sha512-JF18yTjNOVYvU/L3UosRcvbPMGT9B+/GQWNWnenIImglzNVGpyzChkXLnrSf6uxwVNO6ESGu6oN8MqcGQcjQJw==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/requester-common": "4.24.0"
+ }
+ },
+ "node_modules/@algolia/transporter": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/@algolia/transporter/-/transporter-4.24.0.tgz",
+ "integrity": "sha512-86nI7w6NzWxd1Zp9q3413dRshDqAzSbsQjhcDhPIatEFiZrL1/TjnHL8S7jVKFePlIMzDsZWXAXwXzcok9c5oA==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/cache-common": "4.24.0",
+ "@algolia/logger-common": "4.24.0",
+ "@algolia/requester-common": "4.24.0"
+ }
+ },
+ "node_modules/@babel/parser": {
+ "version": "7.24.7",
+ "resolved": "https://registry.npmjs.org/@babel/parser/-/parser-7.24.7.tgz",
+ "integrity": "sha512-9uUYRm6OqQrCqQdG1iCBwBPZgN8ciDBro2nIOFaiRz1/BCxaI7CNvQbDHvsArAC7Tw9Hda/B3U+6ui9u4HWXPw==",
+ "dev": true,
+ "bin": {
+ "parser": "bin/babel-parser.js"
+ },
+ "engines": {
+ "node": ">=6.0.0"
+ }
+ },
+ "node_modules/@docsearch/css": {
+ "version": "3.6.0",
+ "resolved": "https://registry.npmjs.org/@docsearch/css/-/css-3.6.0.tgz",
+ "integrity": "sha512-+sbxb71sWre+PwDK7X2T8+bhS6clcVMLwBPznX45Qu6opJcgRjAp7gYSDzVFp187J+feSj5dNBN1mJoi6ckkUQ==",
+ "dev": true
+ },
+ "node_modules/@docsearch/js": {
+ "version": "3.6.0",
+ "resolved": "https://registry.npmjs.org/@docsearch/js/-/js-3.6.0.tgz",
+ "integrity": "sha512-QujhqINEElrkIfKwyyyTfbsfMAYCkylInLYMRqHy7PHc8xTBQCow73tlo/Kc7oIwBrCLf0P3YhjlOeV4v8hevQ==",
+ "dev": true,
+ "dependencies": {
+ "@docsearch/react": "3.6.0",
+ "preact": "^10.0.0"
+ }
+ },
+ "node_modules/@docsearch/react": {
+ "version": "3.6.0",
+ "resolved": "https://registry.npmjs.org/@docsearch/react/-/react-3.6.0.tgz",
+ "integrity": "sha512-HUFut4ztcVNmqy9gp/wxNbC7pTOHhgVVkHVGCACTuLhUKUhKAF9KYHJtMiLUJxEqiFLQiuri1fWF8zqwM/cu1w==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/autocomplete-core": "1.9.3",
+ "@algolia/autocomplete-preset-algolia": "1.9.3",
+ "@docsearch/css": "3.6.0",
+ "algoliasearch": "^4.19.1"
+ },
+ "peerDependencies": {
+ "@types/react": ">= 16.8.0 < 19.0.0",
+ "react": ">= 16.8.0 < 19.0.0",
+ "react-dom": ">= 16.8.0 < 19.0.0",
+ "search-insights": ">= 1 < 3"
+ },
+ "peerDependenciesMeta": {
+ "@types/react": {
+ "optional": true
+ },
+ "react": {
+ "optional": true
+ },
+ "react-dom": {
+ "optional": true
+ },
+ "search-insights": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@esbuild/aix-ppc64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.21.5.tgz",
+ "integrity": "sha512-1SDgH6ZSPTlggy1yI6+Dbkiz8xzpHJEVAlF/AM1tHPLsf5STom9rwtjE4hKAF20FfXXNTFqEYXyJNWh1GiZedQ==",
+ "cpu": [
+ "ppc64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "aix"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/android-arm": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.21.5.tgz",
+ "integrity": "sha512-vCPvzSjpPHEi1siZdlvAlsPxXl7WbOVUBBAowWug4rJHb68Ox8KualB+1ocNvT5fjv6wpkX6o/iEpbDrf68zcg==",
+ "cpu": [
+ "arm"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "android"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/android-arm64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.21.5.tgz",
+ "integrity": "sha512-c0uX9VAUBQ7dTDCjq+wdyGLowMdtR/GoC2U5IYk/7D1H1JYC0qseD7+11iMP2mRLN9RcCMRcjC4YMclCzGwS/A==",
+ "cpu": [
+ "arm64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "android"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/android-x64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.21.5.tgz",
+ "integrity": "sha512-D7aPRUUNHRBwHxzxRvp856rjUHRFW1SdQATKXH2hqA0kAZb1hKmi02OpYRacl0TxIGz/ZmXWlbZgjwWYaCakTA==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "android"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/darwin-arm64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.21.5.tgz",
+ "integrity": "sha512-DwqXqZyuk5AiWWf3UfLiRDJ5EDd49zg6O9wclZ7kUMv2WRFr4HKjXp/5t8JZ11QbQfUS6/cRCKGwYhtNAY88kQ==",
+ "cpu": [
+ "arm64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "darwin"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/darwin-x64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.21.5.tgz",
+ "integrity": "sha512-se/JjF8NlmKVG4kNIuyWMV/22ZaerB+qaSi5MdrXtd6R08kvs2qCN4C09miupktDitvh8jRFflwGFBQcxZRjbw==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "darwin"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/freebsd-arm64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.21.5.tgz",
+ "integrity": "sha512-5JcRxxRDUJLX8JXp/wcBCy3pENnCgBR9bN6JsY4OmhfUtIHe3ZW0mawA7+RDAcMLrMIZaf03NlQiX9DGyB8h4g==",
+ "cpu": [
+ "arm64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "freebsd"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/freebsd-x64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.21.5.tgz",
+ "integrity": "sha512-J95kNBj1zkbMXtHVH29bBriQygMXqoVQOQYA+ISs0/2l3T9/kj42ow2mpqerRBxDJnmkUDCaQT/dfNXWX/ZZCQ==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "freebsd"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/linux-arm": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.21.5.tgz",
+ "integrity": "sha512-bPb5AHZtbeNGjCKVZ9UGqGwo8EUu4cLq68E95A53KlxAPRmUyYv2D6F0uUI65XisGOL1hBP5mTronbgo+0bFcA==",
+ "cpu": [
+ "arm"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/linux-arm64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.21.5.tgz",
+ "integrity": "sha512-ibKvmyYzKsBeX8d8I7MH/TMfWDXBF3db4qM6sy+7re0YXya+K1cem3on9XgdT2EQGMu4hQyZhan7TeQ8XkGp4Q==",
+ "cpu": [
+ "arm64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/linux-ia32": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.21.5.tgz",
+ "integrity": "sha512-YvjXDqLRqPDl2dvRODYmmhz4rPeVKYvppfGYKSNGdyZkA01046pLWyRKKI3ax8fbJoK5QbxblURkwK/MWY18Tg==",
+ "cpu": [
+ "ia32"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/linux-loong64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.21.5.tgz",
+ "integrity": "sha512-uHf1BmMG8qEvzdrzAqg2SIG/02+4/DHB6a9Kbya0XDvwDEKCoC8ZRWI5JJvNdUjtciBGFQ5PuBlpEOXQj+JQSg==",
+ "cpu": [
+ "loong64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/linux-mips64el": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.21.5.tgz",
+ "integrity": "sha512-IajOmO+KJK23bj52dFSNCMsz1QP1DqM6cwLUv3W1QwyxkyIWecfafnI555fvSGqEKwjMXVLokcV5ygHW5b3Jbg==",
+ "cpu": [
+ "mips64el"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/linux-ppc64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.21.5.tgz",
+ "integrity": "sha512-1hHV/Z4OEfMwpLO8rp7CvlhBDnjsC3CttJXIhBi+5Aj5r+MBvy4egg7wCbe//hSsT+RvDAG7s81tAvpL2XAE4w==",
+ "cpu": [
+ "ppc64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/linux-riscv64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.21.5.tgz",
+ "integrity": "sha512-2HdXDMd9GMgTGrPWnJzP2ALSokE/0O5HhTUvWIbD3YdjME8JwvSCnNGBnTThKGEB91OZhzrJ4qIIxk/SBmyDDA==",
+ "cpu": [
+ "riscv64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/linux-s390x": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.21.5.tgz",
+ "integrity": "sha512-zus5sxzqBJD3eXxwvjN1yQkRepANgxE9lgOW2qLnmr8ikMTphkjgXu1HR01K4FJg8h1kEEDAqDcZQtbrRnB41A==",
+ "cpu": [
+ "s390x"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/linux-x64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.21.5.tgz",
+ "integrity": "sha512-1rYdTpyv03iycF1+BhzrzQJCdOuAOtaqHTWJZCWvijKD2N5Xu0TtVC8/+1faWqcP9iBCWOmjmhoH94dH82BxPQ==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/netbsd-x64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.21.5.tgz",
+ "integrity": "sha512-Woi2MXzXjMULccIwMnLciyZH4nCIMpWQAs049KEeMvOcNADVxo0UBIQPfSmxB3CWKedngg7sWZdLvLczpe0tLg==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "netbsd"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/openbsd-x64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.21.5.tgz",
+ "integrity": "sha512-HLNNw99xsvx12lFBUwoT8EVCsSvRNDVxNpjZ7bPn947b8gJPzeHWyNVhFsaerc0n3TsbOINvRP2byTZ5LKezow==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "openbsd"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/sunos-x64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.21.5.tgz",
+ "integrity": "sha512-6+gjmFpfy0BHU5Tpptkuh8+uw3mnrvgs+dSPQXQOv3ekbordwnzTVEb4qnIvQcYXq6gzkyTnoZ9dZG+D4garKg==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "sunos"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/win32-arm64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.21.5.tgz",
+ "integrity": "sha512-Z0gOTd75VvXqyq7nsl93zwahcTROgqvuAcYDUr+vOv8uHhNSKROyU961kgtCD1e95IqPKSQKH7tBTslnS3tA8A==",
+ "cpu": [
+ "arm64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "win32"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/win32-ia32": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.21.5.tgz",
+ "integrity": "sha512-SWXFF1CL2RVNMaVs+BBClwtfZSvDgtL//G/smwAc5oVK/UPu2Gu9tIaRgFmYFFKrmg3SyAjSrElf0TiJ1v8fYA==",
+ "cpu": [
+ "ia32"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "win32"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@esbuild/win32-x64": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.21.5.tgz",
+ "integrity": "sha512-tQd/1efJuzPC6rCFwEvLtci/xNFcTZknmXs98FYDfGE4wP9ClFV98nyKrzJKVPMhdDnjzLhdUyMX4PsQAPjwIw==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "win32"
+ ],
+ "engines": {
+ "node": ">=12"
+ }
+ },
+ "node_modules/@jridgewell/sourcemap-codec": {
+ "version": "1.4.15",
+ "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.4.15.tgz",
+ "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg==",
+ "dev": true
+ },
+ "node_modules/@rollup/rollup-android-arm-eabi": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm-eabi/-/rollup-android-arm-eabi-4.18.0.tgz",
+ "integrity": "sha512-Tya6xypR10giZV1XzxmH5wr25VcZSncG0pZIjfePT0OVBvqNEurzValetGNarVrGiq66EBVAFn15iYX4w6FKgQ==",
+ "cpu": [
+ "arm"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "android"
+ ]
+ },
+ "node_modules/@rollup/rollup-android-arm64": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-android-arm64/-/rollup-android-arm64-4.18.0.tgz",
+ "integrity": "sha512-avCea0RAP03lTsDhEyfy+hpfr85KfyTctMADqHVhLAF3MlIkq83CP8UfAHUssgXTYd+6er6PaAhx/QGv4L1EiA==",
+ "cpu": [
+ "arm64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "android"
+ ]
+ },
+ "node_modules/@rollup/rollup-darwin-arm64": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-arm64/-/rollup-darwin-arm64-4.18.0.tgz",
+ "integrity": "sha512-IWfdwU7KDSm07Ty0PuA/W2JYoZ4iTj3TUQjkVsO/6U+4I1jN5lcR71ZEvRh52sDOERdnNhhHU57UITXz5jC1/w==",
+ "cpu": [
+ "arm64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "darwin"
+ ]
+ },
+ "node_modules/@rollup/rollup-darwin-x64": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-darwin-x64/-/rollup-darwin-x64-4.18.0.tgz",
+ "integrity": "sha512-n2LMsUz7Ynu7DoQrSQkBf8iNrjOGyPLrdSg802vk6XT3FtsgX6JbE8IHRvposskFm9SNxzkLYGSq9QdpLYpRNA==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "darwin"
+ ]
+ },
+ "node_modules/@rollup/rollup-linux-arm-gnueabihf": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.18.0.tgz",
+ "integrity": "sha512-C/zbRYRXFjWvz9Z4haRxcTdnkPt1BtCkz+7RtBSuNmKzMzp3ZxdM28Mpccn6pt28/UWUCTXa+b0Mx1k3g6NOMA==",
+ "cpu": [
+ "arm"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@rollup/rollup-linux-arm-musleabihf": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-musleabihf/-/rollup-linux-arm-musleabihf-4.18.0.tgz",
+ "integrity": "sha512-l3m9ewPgjQSXrUMHg93vt0hYCGnrMOcUpTz6FLtbwljo2HluS4zTXFy2571YQbisTnfTKPZ01u/ukJdQTLGh9A==",
+ "cpu": [
+ "arm"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@rollup/rollup-linux-arm64-gnu": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-gnu/-/rollup-linux-arm64-gnu-4.18.0.tgz",
+ "integrity": "sha512-rJ5D47d8WD7J+7STKdCUAgmQk49xuFrRi9pZkWoRD1UeSMakbcepWXPF8ycChBoAqs1pb2wzvbY6Q33WmN2ftw==",
+ "cpu": [
+ "arm64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@rollup/rollup-linux-arm64-musl": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm64-musl/-/rollup-linux-arm64-musl-4.18.0.tgz",
+ "integrity": "sha512-be6Yx37b24ZwxQ+wOQXXLZqpq4jTckJhtGlWGZs68TgdKXJgw54lUUoFYrg6Zs/kjzAQwEwYbp8JxZVzZLRepQ==",
+ "cpu": [
+ "arm64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@rollup/rollup-linux-powerpc64le-gnu": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-powerpc64le-gnu/-/rollup-linux-powerpc64le-gnu-4.18.0.tgz",
+ "integrity": "sha512-hNVMQK+qrA9Todu9+wqrXOHxFiD5YmdEi3paj6vP02Kx1hjd2LLYR2eaN7DsEshg09+9uzWi2W18MJDlG0cxJA==",
+ "cpu": [
+ "ppc64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@rollup/rollup-linux-riscv64-gnu": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-riscv64-gnu/-/rollup-linux-riscv64-gnu-4.18.0.tgz",
+ "integrity": "sha512-ROCM7i+m1NfdrsmvwSzoxp9HFtmKGHEqu5NNDiZWQtXLA8S5HBCkVvKAxJ8U+CVctHwV2Gb5VUaK7UAkzhDjlg==",
+ "cpu": [
+ "riscv64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@rollup/rollup-linux-s390x-gnu": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-s390x-gnu/-/rollup-linux-s390x-gnu-4.18.0.tgz",
+ "integrity": "sha512-0UyyRHyDN42QL+NbqevXIIUnKA47A+45WyasO+y2bGJ1mhQrfrtXUpTxCOrfxCR4esV3/RLYyucGVPiUsO8xjg==",
+ "cpu": [
+ "s390x"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@rollup/rollup-linux-x64-gnu": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-gnu/-/rollup-linux-x64-gnu-4.18.0.tgz",
+ "integrity": "sha512-xuglR2rBVHA5UsI8h8UbX4VJ470PtGCf5Vpswh7p2ukaqBGFTnsfzxUBetoWBWymHMxbIG0Cmx7Y9qDZzr648w==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@rollup/rollup-linux-x64-musl": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-x64-musl/-/rollup-linux-x64-musl-4.18.0.tgz",
+ "integrity": "sha512-LKaqQL9osY/ir2geuLVvRRs+utWUNilzdE90TpyoX0eNqPzWjRm14oMEE+YLve4k/NAqCdPkGYDaDF5Sw+xBfg==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "linux"
+ ]
+ },
+ "node_modules/@rollup/rollup-win32-arm64-msvc": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-arm64-msvc/-/rollup-win32-arm64-msvc-4.18.0.tgz",
+ "integrity": "sha512-7J6TkZQFGo9qBKH0pk2cEVSRhJbL6MtfWxth7Y5YmZs57Pi+4x6c2dStAUvaQkHQLnEQv1jzBUW43GvZW8OFqA==",
+ "cpu": [
+ "arm64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "win32"
+ ]
+ },
+ "node_modules/@rollup/rollup-win32-ia32-msvc": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-ia32-msvc/-/rollup-win32-ia32-msvc-4.18.0.tgz",
+ "integrity": "sha512-Txjh+IxBPbkUB9+SXZMpv+b/vnTEtFyfWZgJ6iyCmt2tdx0OF5WhFowLmnh8ENGNpfUlUZkdI//4IEmhwPieNg==",
+ "cpu": [
+ "ia32"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "win32"
+ ]
+ },
+ "node_modules/@rollup/rollup-win32-x64-msvc": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/@rollup/rollup-win32-x64-msvc/-/rollup-win32-x64-msvc-4.18.0.tgz",
+ "integrity": "sha512-UOo5FdvOL0+eIVTgS4tIdbW+TtnBLWg1YBCcU2KWM7nuNwRz9bksDX1bekJJCpu25N1DVWaCwnT39dVQxzqS8g==",
+ "cpu": [
+ "x64"
+ ],
+ "dev": true,
+ "optional": true,
+ "os": [
+ "win32"
+ ]
+ },
+ "node_modules/@shikijs/core": {
+ "version": "1.10.1",
+ "resolved": "https://registry.npmjs.org/@shikijs/core/-/core-1.10.1.tgz",
+ "integrity": "sha512-qdiJS5a/QGCff7VUFIqd0hDdWly9rDp8lhVmXVrS11aazX8LOTRLHAXkkEeONNsS43EcCd7gax9LLoOz4vlFQA==",
+ "dev": true
+ },
+ "node_modules/@shikijs/transformers": {
+ "version": "1.10.1",
+ "resolved": "https://registry.npmjs.org/@shikijs/transformers/-/transformers-1.10.1.tgz",
+ "integrity": "sha512-0gLtcFyi6R6zcUkFajUEp1Qiv7lHBSFgOz4tQvS8nFsYCQSLI1/9pM+Me8jEIPXv7XLKAoUjw6InL+Sv+BHw/A==",
+ "dev": true,
+ "dependencies": {
+ "shiki": "1.10.1"
+ }
+ },
+ "node_modules/@types/estree": {
+ "version": "1.0.5",
+ "resolved": "https://registry.npmjs.org/@types/estree/-/estree-1.0.5.tgz",
+ "integrity": "sha512-/kYRxGDLWzHOB7q+wtSUQlFrtcdUccpfy+X+9iMBpHK8QLLhx2wIPYuS5DYtR9Wa/YlZAbIovy7qVdB1Aq6Lyw==",
+ "dev": true
+ },
+ "node_modules/@types/linkify-it": {
+ "version": "5.0.0",
+ "resolved": "https://registry.npmjs.org/@types/linkify-it/-/linkify-it-5.0.0.tgz",
+ "integrity": "sha512-sVDA58zAw4eWAffKOaQH5/5j3XeayukzDk+ewSsnv3p4yJEZHCCzMDiZM8e0OUrRvmpGZ85jf4yDHkHsgBNr9Q==",
+ "dev": true
+ },
+ "node_modules/@types/markdown-it": {
+ "version": "14.1.1",
+ "resolved": "https://registry.npmjs.org/@types/markdown-it/-/markdown-it-14.1.1.tgz",
+ "integrity": "sha512-4NpsnpYl2Gt1ljyBGrKMxFYAYvpqbnnkgP/i/g+NLpjEUa3obn1XJCur9YbEXKDAkaXqsR1LbDnGEJ0MmKFxfg==",
+ "dev": true,
+ "dependencies": {
+ "@types/linkify-it": "^5",
+ "@types/mdurl": "^2"
+ }
+ },
+ "node_modules/@types/mdurl": {
+ "version": "2.0.0",
+ "resolved": "https://registry.npmjs.org/@types/mdurl/-/mdurl-2.0.0.tgz",
+ "integrity": "sha512-RGdgjQUZba5p6QEFAVx2OGb8rQDL/cPRG7GiedRzMcJ1tYnUANBncjbSB1NRGwbvjcPeikRABz2nshyPk1bhWg==",
+ "dev": true
+ },
+ "node_modules/@types/web-bluetooth": {
+ "version": "0.0.20",
+ "resolved": "https://registry.npmjs.org/@types/web-bluetooth/-/web-bluetooth-0.0.20.tgz",
+ "integrity": "sha512-g9gZnnXVq7gM7v3tJCWV/qw7w+KeOlSHAhgF9RytFyifW6AF61hdT2ucrYhPq9hLs5JIryeupHV3qGk95dH9ow==",
+ "dev": true
+ },
+ "node_modules/@vitejs/plugin-vue": {
+ "version": "5.0.5",
+ "resolved": "https://registry.npmjs.org/@vitejs/plugin-vue/-/plugin-vue-5.0.5.tgz",
+ "integrity": "sha512-LOjm7XeIimLBZyzinBQ6OSm3UBCNVCpLkxGC0oWmm2YPzVZoxMsdvNVimLTBzpAnR9hl/yn1SHGuRfe6/Td9rQ==",
+ "dev": true,
+ "engines": {
+ "node": "^18.0.0 || >=20.0.0"
+ },
+ "peerDependencies": {
+ "vite": "^5.0.0",
+ "vue": "^3.2.25"
+ }
+ },
+ "node_modules/@vue/compiler-core": {
+ "version": "3.4.31",
+ "resolved": "https://registry.npmjs.org/@vue/compiler-core/-/compiler-core-3.4.31.tgz",
+ "integrity": "sha512-skOiodXWTV3DxfDhB4rOf3OGalpITLlgCeOwb+Y9GJpfQ8ErigdBUHomBzvG78JoVE8MJoQsb+qhZiHfKeNeEg==",
+ "dev": true,
+ "dependencies": {
+ "@babel/parser": "^7.24.7",
+ "@vue/shared": "3.4.31",
+ "entities": "^4.5.0",
+ "estree-walker": "^2.0.2",
+ "source-map-js": "^1.2.0"
+ }
+ },
+ "node_modules/@vue/compiler-dom": {
+ "version": "3.4.31",
+ "resolved": "https://registry.npmjs.org/@vue/compiler-dom/-/compiler-dom-3.4.31.tgz",
+ "integrity": "sha512-wK424WMXsG1IGMyDGyLqB+TbmEBFM78hIsOJ9QwUVLGrcSk0ak6zYty7Pj8ftm7nEtdU/DGQxAXp0/lM/2cEpQ==",
+ "dev": true,
+ "dependencies": {
+ "@vue/compiler-core": "3.4.31",
+ "@vue/shared": "3.4.31"
+ }
+ },
+ "node_modules/@vue/compiler-sfc": {
+ "version": "3.4.31",
+ "resolved": "https://registry.npmjs.org/@vue/compiler-sfc/-/compiler-sfc-3.4.31.tgz",
+ "integrity": "sha512-einJxqEw8IIJxzmnxmJBuK2usI+lJonl53foq+9etB2HAzlPjAS/wa7r0uUpXw5ByX3/0uswVSrjNb17vJm1kQ==",
+ "dev": true,
+ "dependencies": {
+ "@babel/parser": "^7.24.7",
+ "@vue/compiler-core": "3.4.31",
+ "@vue/compiler-dom": "3.4.31",
+ "@vue/compiler-ssr": "3.4.31",
+ "@vue/shared": "3.4.31",
+ "estree-walker": "^2.0.2",
+ "magic-string": "^0.30.10",
+ "postcss": "^8.4.38",
+ "source-map-js": "^1.2.0"
+ }
+ },
+ "node_modules/@vue/compiler-ssr": {
+ "version": "3.4.31",
+ "resolved": "https://registry.npmjs.org/@vue/compiler-ssr/-/compiler-ssr-3.4.31.tgz",
+ "integrity": "sha512-RtefmITAje3fJ8FSg1gwgDhdKhZVntIVbwupdyZDSifZTRMiWxWehAOTCc8/KZDnBOcYQ4/9VWxsTbd3wT0hAA==",
+ "dev": true,
+ "dependencies": {
+ "@vue/compiler-dom": "3.4.31",
+ "@vue/shared": "3.4.31"
+ }
+ },
+ "node_modules/@vue/devtools-api": {
+ "version": "7.3.5",
+ "resolved": "https://registry.npmjs.org/@vue/devtools-api/-/devtools-api-7.3.5.tgz",
+ "integrity": "sha512-BSdBBu5hOIv+gBJC9jzYMh5bC27FQwjWLSb8fVAniqlL9gvsqvK27xTgczMf+hgctlszMYQnRm3bpY/j8vhPqw==",
+ "dev": true,
+ "dependencies": {
+ "@vue/devtools-kit": "^7.3.5"
+ }
+ },
+ "node_modules/@vue/devtools-kit": {
+ "version": "7.3.5",
+ "resolved": "https://registry.npmjs.org/@vue/devtools-kit/-/devtools-kit-7.3.5.tgz",
+ "integrity": "sha512-wwfi10gJ1HMtjzcd8aIOnzBHlIRqsYDgcDyrKvkeyc0Gbcoe7UrkXRVHZUOtcxxoplHA0PwpT6wFg0uUCmi8Ww==",
+ "dev": true,
+ "dependencies": {
+ "@vue/devtools-shared": "^7.3.5",
+ "birpc": "^0.2.17",
+ "hookable": "^5.5.3",
+ "mitt": "^3.0.1",
+ "perfect-debounce": "^1.0.0",
+ "speakingurl": "^14.0.1",
+ "superjson": "^2.2.1"
+ }
+ },
+ "node_modules/@vue/devtools-shared": {
+ "version": "7.3.5",
+ "resolved": "https://registry.npmjs.org/@vue/devtools-shared/-/devtools-shared-7.3.5.tgz",
+ "integrity": "sha512-Rqii3VazmWTi67a86rYopi61n5Ved05EybJCwyrfoO9Ok3MaS/4yRFl706ouoISMlyrASJFEzM0/AiDA6w4f9A==",
+ "dev": true,
+ "dependencies": {
+ "rfdc": "^1.4.1"
+ }
+ },
+ "node_modules/@vue/reactivity": {
+ "version": "3.4.31",
+ "resolved": "https://registry.npmjs.org/@vue/reactivity/-/reactivity-3.4.31.tgz",
+ "integrity": "sha512-VGkTani8SOoVkZNds1PfJ/T1SlAIOf8E58PGAhIOUDYPC4GAmFA2u/E14TDAFcf3vVDKunc4QqCe/SHr8xC65Q==",
+ "dev": true,
+ "dependencies": {
+ "@vue/shared": "3.4.31"
+ }
+ },
+ "node_modules/@vue/runtime-core": {
+ "version": "3.4.31",
+ "resolved": "https://registry.npmjs.org/@vue/runtime-core/-/runtime-core-3.4.31.tgz",
+ "integrity": "sha512-LDkztxeUPazxG/p8c5JDDKPfkCDBkkiNLVNf7XZIUnJ+66GVGkP+TIh34+8LtPisZ+HMWl2zqhIw0xN5MwU1cw==",
+ "dev": true,
+ "dependencies": {
+ "@vue/reactivity": "3.4.31",
+ "@vue/shared": "3.4.31"
+ }
+ },
+ "node_modules/@vue/runtime-dom": {
+ "version": "3.4.31",
+ "resolved": "https://registry.npmjs.org/@vue/runtime-dom/-/runtime-dom-3.4.31.tgz",
+ "integrity": "sha512-2Auws3mB7+lHhTFCg8E9ZWopA6Q6L455EcU7bzcQ4x6Dn4cCPuqj6S2oBZgN2a8vJRS/LSYYxwFFq2Hlx3Fsaw==",
+ "dev": true,
+ "dependencies": {
+ "@vue/reactivity": "3.4.31",
+ "@vue/runtime-core": "3.4.31",
+ "@vue/shared": "3.4.31",
+ "csstype": "^3.1.3"
+ }
+ },
+ "node_modules/@vue/server-renderer": {
+ "version": "3.4.31",
+ "resolved": "https://registry.npmjs.org/@vue/server-renderer/-/server-renderer-3.4.31.tgz",
+ "integrity": "sha512-D5BLbdvrlR9PE3by9GaUp1gQXlCNadIZytMIb8H2h3FMWJd4oUfkUTEH2wAr3qxoRz25uxbTcbqd3WKlm9EHQA==",
+ "dev": true,
+ "dependencies": {
+ "@vue/compiler-ssr": "3.4.31",
+ "@vue/shared": "3.4.31"
+ },
+ "peerDependencies": {
+ "vue": "3.4.31"
+ }
+ },
+ "node_modules/@vue/shared": {
+ "version": "3.4.31",
+ "resolved": "https://registry.npmjs.org/@vue/shared/-/shared-3.4.31.tgz",
+ "integrity": "sha512-Yp3wtJk//8cO4NItOPpi3QkLExAr/aLBGZMmTtW9WpdwBCJpRM6zj9WgWktXAl8IDIozwNMByT45JP3tO3ACWA==",
+ "dev": true
+ },
+ "node_modules/@vueuse/core": {
+ "version": "10.11.0",
+ "resolved": "https://registry.npmjs.org/@vueuse/core/-/core-10.11.0.tgz",
+ "integrity": "sha512-x3sD4Mkm7PJ+pcq3HX8PLPBadXCAlSDR/waK87dz0gQE+qJnaaFhc/dZVfJz+IUYzTMVGum2QlR7ImiJQN4s6g==",
+ "dev": true,
+ "dependencies": {
+ "@types/web-bluetooth": "^0.0.20",
+ "@vueuse/metadata": "10.11.0",
+ "@vueuse/shared": "10.11.0",
+ "vue-demi": ">=0.14.8"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/antfu"
+ }
+ },
+ "node_modules/@vueuse/core/node_modules/vue-demi": {
+ "version": "0.14.8",
+ "resolved": "https://registry.npmjs.org/vue-demi/-/vue-demi-0.14.8.tgz",
+ "integrity": "sha512-Uuqnk9YE9SsWeReYqK2alDI5YzciATE0r2SkA6iMAtuXvNTMNACJLJEXNXaEy94ECuBe4Sk6RzRU80kjdbIo1Q==",
+ "dev": true,
+ "hasInstallScript": true,
+ "bin": {
+ "vue-demi-fix": "bin/vue-demi-fix.js",
+ "vue-demi-switch": "bin/vue-demi-switch.js"
+ },
+ "engines": {
+ "node": ">=12"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/antfu"
+ },
+ "peerDependencies": {
+ "@vue/composition-api": "^1.0.0-rc.1",
+ "vue": "^3.0.0-0 || ^2.6.0"
+ },
+ "peerDependenciesMeta": {
+ "@vue/composition-api": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@vueuse/integrations": {
+ "version": "10.11.0",
+ "resolved": "https://registry.npmjs.org/@vueuse/integrations/-/integrations-10.11.0.tgz",
+ "integrity": "sha512-Pp6MtWEIr+NDOccWd8j59Kpjy5YDXogXI61Kb1JxvSfVBO8NzFQkmrKmSZz47i+ZqHnIzxaT38L358yDHTncZg==",
+ "dev": true,
+ "dependencies": {
+ "@vueuse/core": "10.11.0",
+ "@vueuse/shared": "10.11.0",
+ "vue-demi": ">=0.14.8"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/antfu"
+ },
+ "peerDependencies": {
+ "async-validator": "^4",
+ "axios": "^1",
+ "change-case": "^4",
+ "drauu": "^0.3",
+ "focus-trap": "^7",
+ "fuse.js": "^6",
+ "idb-keyval": "^6",
+ "jwt-decode": "^3",
+ "nprogress": "^0.2",
+ "qrcode": "^1.5",
+ "sortablejs": "^1",
+ "universal-cookie": "^6"
+ },
+ "peerDependenciesMeta": {
+ "async-validator": {
+ "optional": true
+ },
+ "axios": {
+ "optional": true
+ },
+ "change-case": {
+ "optional": true
+ },
+ "drauu": {
+ "optional": true
+ },
+ "focus-trap": {
+ "optional": true
+ },
+ "fuse.js": {
+ "optional": true
+ },
+ "idb-keyval": {
+ "optional": true
+ },
+ "jwt-decode": {
+ "optional": true
+ },
+ "nprogress": {
+ "optional": true
+ },
+ "qrcode": {
+ "optional": true
+ },
+ "sortablejs": {
+ "optional": true
+ },
+ "universal-cookie": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@vueuse/integrations/node_modules/vue-demi": {
+ "version": "0.14.8",
+ "resolved": "https://registry.npmjs.org/vue-demi/-/vue-demi-0.14.8.tgz",
+ "integrity": "sha512-Uuqnk9YE9SsWeReYqK2alDI5YzciATE0r2SkA6iMAtuXvNTMNACJLJEXNXaEy94ECuBe4Sk6RzRU80kjdbIo1Q==",
+ "dev": true,
+ "hasInstallScript": true,
+ "bin": {
+ "vue-demi-fix": "bin/vue-demi-fix.js",
+ "vue-demi-switch": "bin/vue-demi-switch.js"
+ },
+ "engines": {
+ "node": ">=12"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/antfu"
+ },
+ "peerDependencies": {
+ "@vue/composition-api": "^1.0.0-rc.1",
+ "vue": "^3.0.0-0 || ^2.6.0"
+ },
+ "peerDependenciesMeta": {
+ "@vue/composition-api": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/@vueuse/metadata": {
+ "version": "10.11.0",
+ "resolved": "https://registry.npmjs.org/@vueuse/metadata/-/metadata-10.11.0.tgz",
+ "integrity": "sha512-kQX7l6l8dVWNqlqyN3ePW3KmjCQO3ZMgXuBMddIu83CmucrsBfXlH+JoviYyRBws/yLTQO8g3Pbw+bdIoVm4oQ==",
+ "dev": true,
+ "funding": {
+ "url": "https://github.com/sponsors/antfu"
+ }
+ },
+ "node_modules/@vueuse/shared": {
+ "version": "10.11.0",
+ "resolved": "https://registry.npmjs.org/@vueuse/shared/-/shared-10.11.0.tgz",
+ "integrity": "sha512-fyNoIXEq3PfX1L3NkNhtVQUSRtqYwJtJg+Bp9rIzculIZWHTkKSysujrOk2J+NrRulLTQH9+3gGSfYLWSEWU1A==",
+ "dev": true,
+ "dependencies": {
+ "vue-demi": ">=0.14.8"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/antfu"
+ }
+ },
+ "node_modules/@vueuse/shared/node_modules/vue-demi": {
+ "version": "0.14.8",
+ "resolved": "https://registry.npmjs.org/vue-demi/-/vue-demi-0.14.8.tgz",
+ "integrity": "sha512-Uuqnk9YE9SsWeReYqK2alDI5YzciATE0r2SkA6iMAtuXvNTMNACJLJEXNXaEy94ECuBe4Sk6RzRU80kjdbIo1Q==",
+ "dev": true,
+ "hasInstallScript": true,
+ "bin": {
+ "vue-demi-fix": "bin/vue-demi-fix.js",
+ "vue-demi-switch": "bin/vue-demi-switch.js"
+ },
+ "engines": {
+ "node": ">=12"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/antfu"
+ },
+ "peerDependencies": {
+ "@vue/composition-api": "^1.0.0-rc.1",
+ "vue": "^3.0.0-0 || ^2.6.0"
+ },
+ "peerDependenciesMeta": {
+ "@vue/composition-api": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/algoliasearch": {
+ "version": "4.24.0",
+ "resolved": "https://registry.npmjs.org/algoliasearch/-/algoliasearch-4.24.0.tgz",
+ "integrity": "sha512-bf0QV/9jVejssFBmz2HQLxUadxk574t4iwjCKp5E7NBzwKkrDEhKPISIIjAU/p6K5qDx3qoeh4+26zWN1jmw3g==",
+ "dev": true,
+ "dependencies": {
+ "@algolia/cache-browser-local-storage": "4.24.0",
+ "@algolia/cache-common": "4.24.0",
+ "@algolia/cache-in-memory": "4.24.0",
+ "@algolia/client-account": "4.24.0",
+ "@algolia/client-analytics": "4.24.0",
+ "@algolia/client-common": "4.24.0",
+ "@algolia/client-personalization": "4.24.0",
+ "@algolia/client-search": "4.24.0",
+ "@algolia/logger-common": "4.24.0",
+ "@algolia/logger-console": "4.24.0",
+ "@algolia/recommend": "4.24.0",
+ "@algolia/requester-browser-xhr": "4.24.0",
+ "@algolia/requester-common": "4.24.0",
+ "@algolia/requester-node-http": "4.24.0",
+ "@algolia/transporter": "4.24.0"
+ }
+ },
+ "node_modules/birpc": {
+ "version": "0.2.17",
+ "resolved": "https://registry.npmjs.org/birpc/-/birpc-0.2.17.tgz",
+ "integrity": "sha512-+hkTxhot+dWsLpp3gia5AkVHIsKlZybNT5gIYiDlNzJrmYPcTM9k5/w2uaj3IPpd7LlEYpmCj4Jj1nC41VhDFg==",
+ "dev": true,
+ "funding": {
+ "url": "https://github.com/sponsors/antfu"
+ }
+ },
+ "node_modules/copy-anything": {
+ "version": "3.0.5",
+ "resolved": "https://registry.npmjs.org/copy-anything/-/copy-anything-3.0.5.tgz",
+ "integrity": "sha512-yCEafptTtb4bk7GLEQoM8KVJpxAfdBJYaXyzQEgQQQgYrZiDp8SJmGKlYza6CYjEDNstAdNdKA3UuoULlEbS6w==",
+ "dev": true,
+ "dependencies": {
+ "is-what": "^4.1.8"
+ },
+ "engines": {
+ "node": ">=12.13"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/mesqueeb"
+ }
+ },
+ "node_modules/csstype": {
+ "version": "3.1.3",
+ "resolved": "https://registry.npmjs.org/csstype/-/csstype-3.1.3.tgz",
+ "integrity": "sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw==",
+ "dev": true
+ },
+ "node_modules/entities": {
+ "version": "4.5.0",
+ "resolved": "https://registry.npmjs.org/entities/-/entities-4.5.0.tgz",
+ "integrity": "sha512-V0hjH4dGPh9Ao5p0MoRY6BVqtwCjhz6vI5LT8AJ55H+4g9/4vbHx1I54fS0XuclLhDHArPQCiMjDxjaL8fPxhw==",
+ "dev": true,
+ "engines": {
+ "node": ">=0.12"
+ },
+ "funding": {
+ "url": "https://github.com/fb55/entities?sponsor=1"
+ }
+ },
+ "node_modules/esbuild": {
+ "version": "0.21.5",
+ "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.21.5.tgz",
+ "integrity": "sha512-mg3OPMV4hXywwpoDxu3Qda5xCKQi+vCTZq8S9J/EpkhB2HzKXq4SNFZE3+NK93JYxc8VMSep+lOUSC/RVKaBqw==",
+ "dev": true,
+ "hasInstallScript": true,
+ "bin": {
+ "esbuild": "bin/esbuild"
+ },
+ "engines": {
+ "node": ">=12"
+ },
+ "optionalDependencies": {
+ "@esbuild/aix-ppc64": "0.21.5",
+ "@esbuild/android-arm": "0.21.5",
+ "@esbuild/android-arm64": "0.21.5",
+ "@esbuild/android-x64": "0.21.5",
+ "@esbuild/darwin-arm64": "0.21.5",
+ "@esbuild/darwin-x64": "0.21.5",
+ "@esbuild/freebsd-arm64": "0.21.5",
+ "@esbuild/freebsd-x64": "0.21.5",
+ "@esbuild/linux-arm": "0.21.5",
+ "@esbuild/linux-arm64": "0.21.5",
+ "@esbuild/linux-ia32": "0.21.5",
+ "@esbuild/linux-loong64": "0.21.5",
+ "@esbuild/linux-mips64el": "0.21.5",
+ "@esbuild/linux-ppc64": "0.21.5",
+ "@esbuild/linux-riscv64": "0.21.5",
+ "@esbuild/linux-s390x": "0.21.5",
+ "@esbuild/linux-x64": "0.21.5",
+ "@esbuild/netbsd-x64": "0.21.5",
+ "@esbuild/openbsd-x64": "0.21.5",
+ "@esbuild/sunos-x64": "0.21.5",
+ "@esbuild/win32-arm64": "0.21.5",
+ "@esbuild/win32-ia32": "0.21.5",
+ "@esbuild/win32-x64": "0.21.5"
+ }
+ },
+ "node_modules/estree-walker": {
+ "version": "2.0.2",
+ "resolved": "https://registry.npmjs.org/estree-walker/-/estree-walker-2.0.2.tgz",
+ "integrity": "sha512-Rfkk/Mp/DL7JVje3u18FxFujQlTNR2q6QfMSMB7AvCBx91NGj/ba3kCfza0f6dVDbw7YlRf/nDrn7pQrCCyQ/w==",
+ "dev": true
+ },
+ "node_modules/focus-trap": {
+ "version": "7.5.4",
+ "resolved": "https://registry.npmjs.org/focus-trap/-/focus-trap-7.5.4.tgz",
+ "integrity": "sha512-N7kHdlgsO/v+iD/dMoJKtsSqs5Dz/dXZVebRgJw23LDk+jMi/974zyiOYDziY2JPp8xivq9BmUGwIJMiuSBi7w==",
+ "dev": true,
+ "dependencies": {
+ "tabbable": "^6.2.0"
+ }
+ },
+ "node_modules/fsevents": {
+ "version": "2.3.3",
+ "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
+ "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
+ "dev": true,
+ "hasInstallScript": true,
+ "optional": true,
+ "os": [
+ "darwin"
+ ],
+ "engines": {
+ "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+ }
+ },
+ "node_modules/hookable": {
+ "version": "5.5.3",
+ "resolved": "https://registry.npmjs.org/hookable/-/hookable-5.5.3.tgz",
+ "integrity": "sha512-Yc+BQe8SvoXH1643Qez1zqLRmbA5rCL+sSmk6TVos0LWVfNIB7PGncdlId77WzLGSIB5KaWgTaNTs2lNVEI6VQ==",
+ "dev": true
+ },
+ "node_modules/is-what": {
+ "version": "4.1.16",
+ "resolved": "https://registry.npmjs.org/is-what/-/is-what-4.1.16.tgz",
+ "integrity": "sha512-ZhMwEosbFJkA0YhFnNDgTM4ZxDRsS6HqTo7qsZM08fehyRYIYa0yHu5R6mgo1n/8MgaPBXiPimPD77baVFYg+A==",
+ "dev": true,
+ "engines": {
+ "node": ">=12.13"
+ },
+ "funding": {
+ "url": "https://github.com/sponsors/mesqueeb"
+ }
+ },
+ "node_modules/magic-string": {
+ "version": "0.30.10",
+ "resolved": "https://registry.npmjs.org/magic-string/-/magic-string-0.30.10.tgz",
+ "integrity": "sha512-iIRwTIf0QKV3UAnYK4PU8uiEc4SRh5jX0mwpIwETPpHdhVM4f53RSwS/vXvN1JhGX+Cs7B8qIq3d6AH49O5fAQ==",
+ "dev": true,
+ "dependencies": {
+ "@jridgewell/sourcemap-codec": "^1.4.15"
+ }
+ },
+ "node_modules/mark.js": {
+ "version": "8.11.1",
+ "resolved": "https://registry.npmjs.org/mark.js/-/mark.js-8.11.1.tgz",
+ "integrity": "sha512-1I+1qpDt4idfgLQG+BNWmrqku+7/2bi5nLf4YwF8y8zXvmfiTBY3PV3ZibfrjBueCByROpuBjLLFCajqkgYoLQ==",
+ "dev": true
+ },
+ "node_modules/minisearch": {
+ "version": "6.3.0",
+ "resolved": "https://registry.npmjs.org/minisearch/-/minisearch-6.3.0.tgz",
+ "integrity": "sha512-ihFnidEeU8iXzcVHy74dhkxh/dn8Dc08ERl0xwoMMGqp4+LvRSCgicb+zGqWthVokQKvCSxITlh3P08OzdTYCQ==",
+ "dev": true
+ },
+ "node_modules/mitt": {
+ "version": "3.0.1",
+ "resolved": "https://registry.npmjs.org/mitt/-/mitt-3.0.1.tgz",
+ "integrity": "sha512-vKivATfr97l2/QBCYAkXYDbrIWPM2IIKEl7YPhjCvKlG3kE2gm+uBo6nEXK3M5/Ffh/FLpKExzOQ3JJoJGFKBw==",
+ "dev": true
+ },
+ "node_modules/nanoid": {
+ "version": "3.3.7",
+ "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz",
+ "integrity": "sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g==",
+ "dev": true,
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/ai"
+ }
+ ],
+ "bin": {
+ "nanoid": "bin/nanoid.cjs"
+ },
+ "engines": {
+ "node": "^10 || ^12 || ^13.7 || ^14 || >=15.0.1"
+ }
+ },
+ "node_modules/perfect-debounce": {
+ "version": "1.0.0",
+ "resolved": "https://registry.npmjs.org/perfect-debounce/-/perfect-debounce-1.0.0.tgz",
+ "integrity": "sha512-xCy9V055GLEqoFaHoC1SoLIaLmWctgCUaBaWxDZ7/Zx4CTyX7cJQLJOok/orfjZAh9kEYpjJa4d0KcJmCbctZA==",
+ "dev": true
+ },
+ "node_modules/picocolors": {
+ "version": "1.0.1",
+ "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.0.1.tgz",
+ "integrity": "sha512-anP1Z8qwhkbmu7MFP5iTt+wQKXgwzf7zTyGlcdzabySa9vd0Xt392U0rVmz9poOaBj0uHJKyyo9/upk0HrEQew==",
+ "dev": true
+ },
+ "node_modules/postcss": {
+ "version": "8.4.39",
+ "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.39.tgz",
+ "integrity": "sha512-0vzE+lAiG7hZl1/9I8yzKLx3aR9Xbof3fBHKunvMfOCYAtMhrsnccJY2iTURb9EZd5+pLuiNV9/c/GZJOHsgIw==",
+ "dev": true,
+ "funding": [
+ {
+ "type": "opencollective",
+ "url": "https://opencollective.com/postcss/"
+ },
+ {
+ "type": "tidelift",
+ "url": "https://tidelift.com/funding/github/npm/postcss"
+ },
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/ai"
+ }
+ ],
+ "dependencies": {
+ "nanoid": "^3.3.7",
+ "picocolors": "^1.0.1",
+ "source-map-js": "^1.2.0"
+ },
+ "engines": {
+ "node": "^10 || ^12 || >=14"
+ }
+ },
+ "node_modules/preact": {
+ "version": "10.22.1",
+ "resolved": "https://registry.npmjs.org/preact/-/preact-10.22.1.tgz",
+ "integrity": "sha512-jRYbDDgMpIb5LHq3hkI0bbl+l/TQ9UnkdQ0ww+lp+4MMOdqaUYdFc5qeyP+IV8FAd/2Em7drVPeKdQxsiWCf/A==",
+ "dev": true,
+ "funding": {
+ "type": "opencollective",
+ "url": "https://opencollective.com/preact"
+ }
+ },
+ "node_modules/rfdc": {
+ "version": "1.4.1",
+ "resolved": "https://registry.npmjs.org/rfdc/-/rfdc-1.4.1.tgz",
+ "integrity": "sha512-q1b3N5QkRUWUl7iyylaaj3kOpIT0N2i9MqIEQXP73GVsN9cw3fdx8X63cEmWhJGi2PPCF23Ijp7ktmd39rawIA==",
+ "dev": true
+ },
+ "node_modules/rollup": {
+ "version": "4.18.0",
+ "resolved": "https://registry.npmjs.org/rollup/-/rollup-4.18.0.tgz",
+ "integrity": "sha512-QmJz14PX3rzbJCN1SG4Xe/bAAX2a6NpCP8ab2vfu2GiUr8AQcr2nCV/oEO3yneFarB67zk8ShlIyWb2LGTb3Sg==",
+ "dev": true,
+ "dependencies": {
+ "@types/estree": "1.0.5"
+ },
+ "bin": {
+ "rollup": "dist/bin/rollup"
+ },
+ "engines": {
+ "node": ">=18.0.0",
+ "npm": ">=8.0.0"
+ },
+ "optionalDependencies": {
+ "@rollup/rollup-android-arm-eabi": "4.18.0",
+ "@rollup/rollup-android-arm64": "4.18.0",
+ "@rollup/rollup-darwin-arm64": "4.18.0",
+ "@rollup/rollup-darwin-x64": "4.18.0",
+ "@rollup/rollup-linux-arm-gnueabihf": "4.18.0",
+ "@rollup/rollup-linux-arm-musleabihf": "4.18.0",
+ "@rollup/rollup-linux-arm64-gnu": "4.18.0",
+ "@rollup/rollup-linux-arm64-musl": "4.18.0",
+ "@rollup/rollup-linux-powerpc64le-gnu": "4.18.0",
+ "@rollup/rollup-linux-riscv64-gnu": "4.18.0",
+ "@rollup/rollup-linux-s390x-gnu": "4.18.0",
+ "@rollup/rollup-linux-x64-gnu": "4.18.0",
+ "@rollup/rollup-linux-x64-musl": "4.18.0",
+ "@rollup/rollup-win32-arm64-msvc": "4.18.0",
+ "@rollup/rollup-win32-ia32-msvc": "4.18.0",
+ "@rollup/rollup-win32-x64-msvc": "4.18.0",
+ "fsevents": "~2.3.2"
+ }
+ },
+ "node_modules/search-insights": {
+ "version": "2.14.0",
+ "resolved": "https://registry.npmjs.org/search-insights/-/search-insights-2.14.0.tgz",
+ "integrity": "sha512-OLN6MsPMCghDOqlCtsIsYgtsC0pnwVTyT9Mu6A3ewOj1DxvzZF6COrn2g86E/c05xbktB0XN04m/t1Z+n+fTGw==",
+ "dev": true,
+ "peer": true
+ },
+ "node_modules/shiki": {
+ "version": "1.10.1",
+ "resolved": "https://registry.npmjs.org/shiki/-/shiki-1.10.1.tgz",
+ "integrity": "sha512-uafV7WCgN4YYrccH6yxpnps6k38sSTlFRrwc4jycWmhWxJIm9dPrk+XkY1hZ2t0I7jmacMNb15Lf2fspa/Y3lg==",
+ "dev": true,
+ "dependencies": {
+ "@shikijs/core": "1.10.1"
+ }
+ },
+ "node_modules/source-map-js": {
+ "version": "1.2.0",
+ "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.0.tgz",
+ "integrity": "sha512-itJW8lvSA0TXEphiRoawsCksnlf8SyvmFzIhltqAHluXd88pkCd+cXJVHTDwdCr0IzwptSm035IHQktUu1QUMg==",
+ "dev": true,
+ "engines": {
+ "node": ">=0.10.0"
+ }
+ },
+ "node_modules/speakingurl": {
+ "version": "14.0.1",
+ "resolved": "https://registry.npmjs.org/speakingurl/-/speakingurl-14.0.1.tgz",
+ "integrity": "sha512-1POYv7uv2gXoyGFpBCmpDVSNV74IfsWlDW216UPjbWufNf+bSU6GdbDsxdcxtfwb4xlI3yxzOTKClUosxARYrQ==",
+ "dev": true,
+ "engines": {
+ "node": ">=0.10.0"
+ }
+ },
+ "node_modules/superjson": {
+ "version": "2.2.1",
+ "resolved": "https://registry.npmjs.org/superjson/-/superjson-2.2.1.tgz",
+ "integrity": "sha512-8iGv75BYOa0xRJHK5vRLEjE2H/i4lulTjzpUXic3Eg8akftYjkmQDa8JARQ42rlczXyFR3IeRoeFCc7RxHsYZA==",
+ "dev": true,
+ "dependencies": {
+ "copy-anything": "^3.0.2"
+ },
+ "engines": {
+ "node": ">=16"
+ }
+ },
+ "node_modules/tabbable": {
+ "version": "6.2.0",
+ "resolved": "https://registry.npmjs.org/tabbable/-/tabbable-6.2.0.tgz",
+ "integrity": "sha512-Cat63mxsVJlzYvN51JmVXIgNoUokrIaT2zLclCXjRd8boZ0004U4KCs/sToJ75C6sdlByWxpYnb5Boif1VSFew==",
+ "dev": true
+ },
+ "node_modules/vite": {
+ "version": "5.3.2",
+ "resolved": "https://registry.npmjs.org/vite/-/vite-5.3.2.tgz",
+ "integrity": "sha512-6lA7OBHBlXUxiJxbO5aAY2fsHHzDr1q7DvXYnyZycRs2Dz+dXBWuhpWHvmljTRTpQC2uvGmUFFkSHF2vGo90MA==",
+ "dev": true,
+ "dependencies": {
+ "esbuild": "^0.21.3",
+ "postcss": "^8.4.38",
+ "rollup": "^4.13.0"
+ },
+ "bin": {
+ "vite": "bin/vite.js"
+ },
+ "engines": {
+ "node": "^18.0.0 || >=20.0.0"
+ },
+ "funding": {
+ "url": "https://github.com/vitejs/vite?sponsor=1"
+ },
+ "optionalDependencies": {
+ "fsevents": "~2.3.3"
+ },
+ "peerDependencies": {
+ "@types/node": "^18.0.0 || >=20.0.0",
+ "less": "*",
+ "lightningcss": "^1.21.0",
+ "sass": "*",
+ "stylus": "*",
+ "sugarss": "*",
+ "terser": "^5.4.0"
+ },
+ "peerDependenciesMeta": {
+ "@types/node": {
+ "optional": true
+ },
+ "less": {
+ "optional": true
+ },
+ "lightningcss": {
+ "optional": true
+ },
+ "sass": {
+ "optional": true
+ },
+ "stylus": {
+ "optional": true
+ },
+ "sugarss": {
+ "optional": true
+ },
+ "terser": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/vitepress": {
+ "version": "1.2.3",
+ "resolved": "https://registry.npmjs.org/vitepress/-/vitepress-1.2.3.tgz",
+ "integrity": "sha512-GvEsrEeNLiDE1+fuwDAYJCYLNZDAna+EtnXlPajhv/MYeTjbNK6Bvyg6NoTdO1sbwuQJ0vuJR99bOlH53bo6lg==",
+ "dev": true,
+ "dependencies": {
+ "@docsearch/css": "^3.6.0",
+ "@docsearch/js": "^3.6.0",
+ "@shikijs/core": "^1.6.2",
+ "@shikijs/transformers": "^1.6.2",
+ "@types/markdown-it": "^14.1.1",
+ "@vitejs/plugin-vue": "^5.0.5",
+ "@vue/devtools-api": "^7.2.1",
+ "@vue/shared": "^3.4.27",
+ "@vueuse/core": "^10.10.0",
+ "@vueuse/integrations": "^10.10.0",
+ "focus-trap": "^7.5.4",
+ "mark.js": "8.11.1",
+ "minisearch": "^6.3.0",
+ "shiki": "^1.6.2",
+ "vite": "^5.2.12",
+ "vue": "^3.4.27"
+ },
+ "bin": {
+ "vitepress": "bin/vitepress.js"
+ },
+ "peerDependencies": {
+ "markdown-it-mathjax3": "^4",
+ "postcss": "^8"
+ },
+ "peerDependenciesMeta": {
+ "markdown-it-mathjax3": {
+ "optional": true
+ },
+ "postcss": {
+ "optional": true
+ }
+ }
+ },
+ "node_modules/vue": {
+ "version": "3.4.31",
+ "resolved": "https://registry.npmjs.org/vue/-/vue-3.4.31.tgz",
+ "integrity": "sha512-njqRrOy7W3YLAlVqSKpBebtZpDVg21FPoaq1I7f/+qqBThK9ChAIjkRWgeP6Eat+8C+iia4P3OYqpATP21BCoQ==",
+ "dev": true,
+ "dependencies": {
+ "@vue/compiler-dom": "3.4.31",
+ "@vue/compiler-sfc": "3.4.31",
+ "@vue/runtime-dom": "3.4.31",
+ "@vue/server-renderer": "3.4.31",
+ "@vue/shared": "3.4.31"
+ },
+ "peerDependencies": {
+ "typescript": "*"
+ },
+ "peerDependenciesMeta": {
+ "typescript": {
+ "optional": true
+ }
+ }
+ }
+ }
+}
diff --git a/SBOM-wiki/package.json b/SBOM-wiki/package.json
new file mode 100644
index 0000000..de156b1
--- /dev/null
+++ b/SBOM-wiki/package.json
@@ -0,0 +1,12 @@
+{
+ "scripts": {
+ "dev": "vitepress dev",
+ "build": "vitepress build",
+ "preview": "vitepress preview"
+ },
+ "devDependencies": {
+ "vitepress": "^1.2.2"
+ },
+ "dependencies": {
+ }
+}
diff --git a/SBOM-wiki/public/thumbnail.webp b/SBOM-wiki/public/thumbnail.webp
new file mode 100644
index 0000000..eea7f6c
Binary files /dev/null and b/SBOM-wiki/public/thumbnail.webp differ
diff --git a/SBOM-wiki/sbom-compliance.md b/SBOM-wiki/sbom-compliance.md
new file mode 100644
index 0000000..0cb7ca9
--- /dev/null
+++ b/SBOM-wiki/sbom-compliance.md
@@ -0,0 +1,28 @@
+# SBOM in compliance
+
+## EU Cyber Resiliance Act :eu:
+The [European Cyber Resilience Act (CRA)](https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:52022PC0454) includes requirements for the identification and management of supply chain risks, and the proposed European Cybersecurity Certification Scheme would likely require the use of Software Bill of Materials (SBOM) and secure software development practices. The Cybersecurity Resilience Act lays out specific actions and strategies regarding the responsibility and the means to protect software vulnerabilities, including specifying vulnerability reporting format and requirements, anchored in the form of a SBOM.
+_2024-03-12
_
+
+## Guide of Introduction of SBOM for Software Management:jp:
+Japan's Ministry of Economy, Trade and Industry (METI) published a [guide](https://www.meti.go.jp/english/press/2023/0728_001.html) to promote SBOM use. Highlighting growing software security concerns, METI targets software suppliers with this guide, which details the benefits and steps for implementing SBOMs. This initiative aims to improve software vulnerability management, enhance development productivity, and bolster overall cybersecurity in Japanese industries.
+_2023-07-28
_
+
+## Technical Guideline TR-03183 :de:
+The [Technical Guideline TR-03183: Cyber Resilience Requirements for Manufacturers and Products Part 2 Software Bill of Materials (SBOM)](https://www.bsi.bund.de/dok/TR-03183-en) provides essential guidance for creating an SBOM. The Technical Guideline TR-03183 aims to provide manufacturers with advance access to the requirements that will be imposed by the future EU Cyber Resilience Act (CRA). While it is recommended (but not obligatory), it serves as a basis for discussion both within the EU and internationally.
+_2023-07-12
_
+
+## SBOM startersgids 🇳🇱
+The Dutch National Cyber Security Center (NCSC) has published a [SBOM Starter Guide](https://www.ncsc.nl/documenten/publicaties/2023/juli/5/sbom-startersgids) to assist managers involved in their organization's cybersecurity strategy with implementing SBOMs. This guide explores how organizations can establish processes for using SBOMs, create, manage, and share them effectively, and develop strong agreements with vendors. It also dives into how SBOMs can be utilized for vulnerability management and offers additional insights through supporting frameworks.
+_2023-07-05
_
+
+## The Minimum Elements for a SBOM :us:
+The [NTIA Minimum Elements for an SBOM](https://www.ntia.gov/report/2021/minimum-elements-software-bill-materials-sbom) requires that SBOMs show, for each software component: supplier, component name, version, any unique identifiers like CPE SWID or PURL, dependency relationship, and the author of this information along with a time/date stamp when it was generated. The minimum elements of an SBOM build on three broad, interrelated areas: Data fields, Operational considerations, and Support for automation. SBOMs must comply with at least one of the following SBOM standards: Software Package Data eXchange (SPDX), CycloneDX, or Software Identification (SWID) tags. The minimum elements of an SBOM will enable basic use cases, such as management of vulnerabilities, software inventory, and licenses.
+_2021-07-12
_
+
+## White House Executive Order 14028 :us:
+The [White House Executive Order on cybersecurity](https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/) includes new security requirements for software vendors selling software to the U.S. government. It emphasizes the importance of enhancing software supply chain security through the Software Bill of Materials (SBOM). The Executive Order defines an SBOM as “a formal record containing the details and supply chain relationships of various components used in building software”.
+_2021-05-12
_
+
+
+
diff --git a/SBOM-wiki/sbom-naming.md b/SBOM-wiki/sbom-naming.md
new file mode 100644
index 0000000..f80a48a
--- /dev/null
+++ b/SBOM-wiki/sbom-naming.md
@@ -0,0 +1,48 @@
+# Best Practices for Naming and Directory Conventions for SBOMs (Software Bill of Materials) in Open Source Projects
+
+The [Software Bill of Materials (SBOM)](https://www.cisa.gov/sbom) plays a vital role in providing visibility & transparency into the software supply chain. Using SBOM standards such as [CycloneDX](https://cyclonedx.org/) and [SPDX](https://spdx.dev/) ensures interoperability, accurate dependency tracking, and efficient vulnerability management. Here are some best practices for naming and directory conventions when creating and managing SBOMs.
+
+## Scope
+
+This document only covers [SBOMs of Type Source and Build](https://www.cisa.gov/sites/default/files/2023-04/sbom-types-document-508c.pdf) as SBOMs of other types are typically not curated by the maintainers of Open Source software but instead by consumers of Open Source software. The audience for this document is open source projects distributing artifacts directly rather than distributing artifacts via an ecosystem such as Maven or NPM.
+
+For Source and Build SBOMs, the contents of the SBOM describing the artifact will only include what is being distributed and will not contain information about prospective uses of the software during or after installation or running of the software. That information is captured in separate SBOM types (ie Deployment, Runtime).
+
+In the context of this document, the “source” is defined as a snapshot of the source code made available to download, such as in a tgz archive.
+
+The “build” is the artifacts that are built by the project and released. These could be tgz archives, but also other artifacts such as rpm, deb, or zip.
+
+This document does not prescribe best practices to specific software ecosystems (Maven, PyPI, etc) which are likely to have specific requirements about how to distribute accompanying metadata alongside software distributions, however this should not preclude the use of all or part of this guidance for this use-case.
+
+There may be instances where a release is also uploaded to an ecosystem. It is not expected that the SBOM generated for the releases would be uploaded to those ecosystems.
+
+## Consistent Naming Conventions
+
+For SBOMs which are distributed with source tarballs or pre-built binaries as a part of a defined release of the software, the requirements for “release” files is typically a flat list of files without directories (think GitHub or GitLab Release artifacts). To meet these requirements, no directory structures should be used.
+
+Following [guidance](https://slsa.dev/spec/v1.0/distributing-provenance#relationship-between-artifacts-and-attestations) from SLSA provenance attestations of appending a corresponding extension to the filename of the artifact that is being described. For the [CycloneDX](https://cyclonedx.org/specification/overview/) and [SPDX](https://spdx.github.io/spdx-spec/v2.3/conformance/#44-standard-data-format-requirements) SBOM standards and their file extension formats the guidance is as follows:
+
+| Standard + Format | Artifact Filename | SBOM Filename |
+|-------------------|-------------------|---------------|
+| CycloneDX JSON | artifact-1.0.0.tar.gz | artifact-1.0.0.tar.gz.cdx.json|
+| CycloneDX XML | artifact-1.0.0.tar.gz | artifact-1.0.0.tar.gz.cdx.xml |
+| SPDX TAG:VALUE | artifact-1.0.0.tar.gz | artifact-1.0.0.tar.gz.spdx |
+| SPDX JSON | artifact-1.0.0.tar.gz | artifact-1.0.0.tar.gz.spdx.json |
+| SPDX XML | artifact-1.0.0.tar.gz | artifact-1.0.0.tar.gz.spdx.xml |
+| SPDX YAML | artifact-1.0.0.tar.gz | artifact-1.0.0.tar.gz.spdx.yml (or .yaml) |
+| SPDX RDF XML | artifact-1.0.0.tar.gz | Artifact-1.0.0.tar.gz.spdx.rdf (or .rdf.xml)
+
+The .spdx.* and .cdx.* extensions are sourced from the [CycloneDX](https://cyclonedx.org/guides/sbom/extensibility/) and [SPDX](https://spdx.github.io/spdx-ntia-sbom-howto/) guidance on filename extensions for SBOM documents of the corresponding standard and format.
+
+The JSON format files should be considered a mandatory requirement and are always available. The tool support for JSON documents is considered to be better than the other file format options. If other formats are desired, the JSON SBOM should also be available.
+
+## Acknowledgements
+
+The following community members helped contribute to this guidance
+
+- Josh Bressers, Anchore
+- Marius Biebel. hm.edu
+- Ian Dunbar-Hall, Lockheed Martin
+- Maximilian Huber, TNG Technology Consulting
+- Dan Appelquist, Samsung (formerly, Snyk)
+- Seth Larson, Python Software Foundation
diff --git a/SBOM-wiki/sbom-types.md b/SBOM-wiki/sbom-types.md
new file mode 100644
index 0000000..86139ff
--- /dev/null
+++ b/SBOM-wiki/sbom-types.md
@@ -0,0 +1,43 @@
+# Types of Software Bill of Material (SBOM) Documents
+
+::: tip Go to original document.
+This document was reviewed and published by CISA. You can find the original document [here](https://www.cisa.gov/resources-tools/resources/types-software-bill-materials-sbom).
+:::
+
+## Introduction
+Today there is a widely-used definition of the minimum content of a Software Bill of Material (SBOM). However, an SBOM may contain different forms of the minimum information sourced from different product artifacts. Given the disparate ways SBOM data can be collected, the results may vary, yet still provide value in different use cases. This document summarizes some common types of SBOMs that tools may create in the industry today, along with the data typically presented for each type of SBOM. An SBOM document may combine information for multiple SBOM types.
+
+## Definitions and Discussions
+The following two tables summarize the different types of SBOMs and the benefits and limitations of each type. This list of SBOM types is not intended to be tightly tied to the software lifecycle. Some SBOM types may be available and useful across multiple lifecycle phases, while others may be available only in one lifecycle phase. Also, the data presented within an SBOM type may vary, depending on the software’s lifecycle phase and industry.
+
+## SBOM Type Definition and Composition
+| Type | Definition | Description |
+|--------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------|
+| **Design** | SBOM of intended design of included components (some of which may not exist) for a new software artifact. | Typically derived from a design specification, RFP, or initial concept. |
+| **Source** | SBOM created directly from the development environment, source files, and included dependencies used to build an product artifact. | Typically generated from software composition analysis (SCA) tooling, with manual clarifications. |
+| **Build** | SBOM generated as part of the process of building the software to create a releasable artifact (e.g., executable or package) from data such as source files, dependencies, built components, build process ephemeral data, and other SBOMs. | Typically generated as part of a build process. May consist of integrated intermediate Build and Source SBOMs for a final release artifact SBOM. |
+| **Analyzed** | SBOM generated through analysis of artifacts (e.g., executables, packages, containers, and virtual machine images) after its build. Such analysis generally requires a variety of heuristics. In some contexts, this may also be referred to as a “3rd party” SBOM. | Typically generated through analysis of artifacts by 3rd party tooling. |
+| **Deployed** | SBOM provides an inventory of software that is present on a system. This may be an assembly of other SBOMs that combines analysis of configuration options, and examination of execution behavior in a (potentially simulated) deployment environment. | Typically generated by recording the SBOMs and configuration information of artifacts that have been installed on systems. |
+| **Runtime** | SBOM generated through instrumenting the system running the software, to capture only components present in the system, as well as external call-outs or dynamically loaded components. In some contexts, this may also be referred to as an “Instrumented” or “Dynamic” SBOM. | Typically generated from tooling interacting with a system to record the artifacts present in a running environment and/or that have been executed. |
+
+## Understanding the Benefits and Limitations of SBOM Types
+
+| Type | Benefits | Limitations |
+|--------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| **Design** | - Highlight incompatible components ahead of licensing purchase or acquisition.
- Defines approved or recommended included component list for developer use. | - This may be very difficult to generate.
- Unlikely to identify as much detail as found in other SBOM types. |
+| **Source** | - Provides visibility without access to build process.
- Can facilitate remediation of vulnerabilities at the source.
- Can provide a view into the dependency tree / hierarchy of the included components. | - Can highlight components (which might have vulnerabilities) that never run or are compiled out in deployed code.
- Depending on language/ecosystem, may not include runtime, plugin, or dynamic components, like appserver or platform libraries.
- May require references to other SBOMs for completeness. |
+| **Build** | - Increases confidence that the SBOM representation of the product artifact is correct due to information available during the build and/or Continuous Integration/Continuous Deployment (CI/CD) processes.
- Provides visibility into more components than just source code.
- Increased trust by enabling signing of the SBOM and product artifact by the same build workflow. | - Potentially have to change the build process to generate this SBOM.
- Highly dependent on the build environment in which the build is executed.
- May be difficult to capture indirect and/or runtime dependencies.
- May not contain the correct versions of dynamically linked dependencies (as they may be replaced at runtime depending on language/ecosystem). |
+| **Analyzed** | - Provides visibility without an active development environment, such as legacy firmware artifacts.
- Does not need access to the build process.
- Can help verify SBOM data from other sources.
- May find hidden dependencies missed by other SBOM type creation tools. | - May be prone to omissions, errors, or approximations if the tool is unable to decompose or recognize the software components precisely.
- May depend on heuristics or context-specific risk factors. |
+| **Deployed** | - Highlights software components installed on a system, including other configurations and system components used to run an application. | - May require changing install and deploy processes to generate.
- May not accurately reflect the software’s runtime environment, as components may reside in inaccessible code. |
+| **Runtime** | - Provides visibility to understand what is in use when the system is running, including dynamically loaded components and external connections.
- Can include detailed information about whether components are active and what parts are used. | - Requires the system to be analyzed while running, which may require additional overhead.
- Some detailed information may be available only after the system has run for a period of time until the complete functionality has been exercised. |
+
+## Conclusion
+These definitions are meant as a starting point for clarifying SBOM types that varying tooling types and
+methods may create. Different tooling approaches may be required to create the same SBOM type for
+different kinds of software. This document may evolve as the innovation around SBOMs and their uses
+may require the addition of more SBOM types. Progress in adopting and refining Vulnerability
+Exploitability eXchange2 (i.e., VEX), service dependencies, and “SBOM of SBOMs,” among others,
+may require additional types of SBOMs.
+
+If you would like to learn more about tooling associated with SBOMs, reach out to
+SBOM@cisa.dhs.gov.
\ No newline at end of file
diff --git a/SBOM-wiki/sbom-working-groups.md b/SBOM-wiki/sbom-working-groups.md
new file mode 100644
index 0000000..fb030fa
--- /dev/null
+++ b/SBOM-wiki/sbom-working-groups.md
@@ -0,0 +1,99 @@
+# SBOM working groups
+
+## CycloneDX
+To get in touch with the CycloneDX community you best join the [CycloneDX Slak](https://cyclonedx.org/slack). Further information is provided on the CycloneDX [participate page](https://cyclonedx.org/about/participate/).
+
+## SPDX
+SPDX published their open workstreams in the following [Github repository](https://github.com/spdx/meetings)
+
+### General meeting First Thursday of the month @11am ET
+* Description: General call with general updates, updates from each Team, and sometimes guest speakers (e.g., talks on how people are using SPDX, GSoC student presentations, etc.)
+* [Jitsi meeting](https://meet.jit.si/SPDXGeneralMeeting)
+* [Meeting minutes and agendas](https://spdx.swinslow.net/p/spdx-general-minutes)
+
+### Tech Team meetings Thursday @12am ET
+* Descriptions: Regular meeting to work on drafting new versions of the SPDX specification and to discuss technical documentation and official SPDX libraries.
+* [Jitsi meeting](https://zoom.us/j/663426859)
+* [Meeting minutes and agendas](https://spdx.swinslow.net/p/spdx-tech-minutes)
+
+### Legal Team meetings Every other Thursday @12am ET
+* Descriptions: Regular meeting to discuss submissions to SPDX License List, other license list related work, license-related aspects of the SPDX specification, and other related projects.
+* .ics files for invites: [second Thursdays](./invites/spdx-legal-2024-second-thursdays.ics), [fourth Thursdays](./invites/spdx-legal-2024-fourth-thursdays.ics)
+* [Meeting minutes and agendas](https://spdx.swinslow.net/p/spdx-legal-minutes)
+
+### Outreach Team meetings Monday @10am ET
+* Descriptions: Regular meeting to coordinate public relations efforts and discuss current projects.
+* [Jitsi meeting](https://meet.jit.si/SPDXOutreachMeeting)
+* [Meeting minutes and agendas](https://hackmd.io/@spdx/outreach-team/edit)
+
+### Sub-groups for specific topics
+#### Security Profile group meetings Wednesdays @2pm ET
+* Description: Regular meeting to discuss representation of software vulnerability metadata in the SPDX specification including vulnerability identifiers, status, mitigations and remediations.
+* [Jitsi meeting](https://meet.jit.si/SPDXDefectsMeeting)
+* [Meeting minutes and agendas](https://spdx.swinslow.net/p/spdx-defects-minutes)
+
+#### Implementers group meetings Wednesdays @11am ET
+* Description: Regular meeting for tool creators implementing the SPDX specification to meet and compare notes
+* [Jitsi meeting](https://meet.jit.si/SPDXImplementersMeeting)
+* [Meeting minutes and agendas](https://spdx.swinslow.net/p/spdx-implementers-minutes)
+
+#### AI and Data Profiles group meetings Wednesdays @3pm ET
+* Description: Regular meeting to discuss how the SPDX specification can better support and track artificial intelligence and machine learning use-cases.
+* [Jitsi meeting](https://zoom.us/j/92452702075)
+* [Meeting minutes and agendas](https://spdx.swinslow.net/p/spdx-ai-minutes)
+
+#### Functional Safety Profile group meetings Friday @12am ET
+* Description: Regular meeting to discuss how the SPDX specification can better support and track functional safety plans.
+* [Jitsi meeting](https://zoom.us/j/94445183726)
+* [Meeting minutes and agendas](https://spdx.swinslow.net/p/spdx-fusa-minutes)
+
+#### Serialisation Focus Group meetings Thursday @11am ET
+* Description: Regular meeting to discuss the serialisation formats for SPDX, enumerating the use cases for serialisation and determining stakeholder preferences.
+* [Jitsi meeting](https://meet.jit.si/SPDXSerialisationMeeting)
+
+#### Software as a Service Profile group meetings Every other Monday @1pm ET
+* Description: Regular meeting to discuss how the SPDX specification can better support and track SAAS use cases.
+* [Jitsi meeting](https://zoom.us/j/87627432628)
+
+#### Hardware Profile group meetings Friday @9am ET
+* Description: Regular meeting to discuss how the SPDX specification can extend to support firmware, FPGAs, Open Hardware Boards, SOCs, IP blocks, Cores in physical and virtual environments.
+* [Jitsi meeting](https://zoom.us/j/99157617857)
+* [Meeting minutes and agendas](https://spdx.swinslow.net/p/spdx-hardware-minutes)
+
+#### Operations group meetings Friday @9:30am ET
+* Descriptions: Regular meeting focused on the additional information that an organization may wish to associate with a package, for effective management of these artifacts within business operations.
+* [Jitsi meeting](https://zoom-lfx.platform.linuxfoundation.org/meeting/94606881295?password=3522f337-3890-4940-9d74-9aee22864967)
+* [Meeting minutes and agendas](https://spdx.swinslow.net/p/spdx-operations-minutes)
+
+
+## CISA
+CISA hosts several working groups that meet on a weekly basis. The original meeting notes can be found [here](https://docs.google.com/document/d/1itBra03riwVIgvrn1xp35DuvCFOJ6T8DJgs_3pSxsCM/edit). Reach out to SBOM@cisa.dhs.gov to get an invite or further information.
+
+- [CISA SBOM Events Calendar](https://calendar.google.com/calendar/u/0/embed?src=hqnbr3lk8ngjgv04g6ir5d5duc@group.calendar.google.com&ctz=America/New_York) A calendar for all SBOM related workstreams and upcoming events.
+
+### SBOM Community Central Meeting Monday @11am ET
+- [Link to Google Meeting Notes](https://docs.google.com/document/d/1wwFWk2ymzb4FpmuMt2vnIqKqNnzxKq-QHx_2zrQ4MNg/edit#heading=h.f0icpudrrs5j)
+
+### VEX sub-group Monday @10am ET
+- [Link to Google Meeting Notes](https://docs.google.com/document/d/1uF29lTr0OJ_QwUfuej1EfhFgDIziEj5U1x_bZ3V_8bQ/edit?usp=sharing)
+- [Google Group CISA SBOM vex](https://groups.google.com/g/cisa-sbom-vex)
+
+### SBOM adoption work stream Tuesday @12pm ET
+- [Link to Google Meeting Notes](https://docs.google.com/document/d/1ssvft4gGjMc_mGabsc-aMETYrfbIzgQ8fnRCY_cKTrA/edit?usp=sharing)
+- [Google Group CISA SBOM adoption](https://groups.google.com/g/cisa-sbom-adoption)
+
+### SBOM tooling work stream Thursday @3pm ET
+- [Link to Google Meeting Notes](https://docs.google.com/document/d/1itBra03riwVIgvrn1xp35DuvCFOJ6T8DJgs_3pSxsCM/edit?usp=sharing)
+- [Microsoft Teams Invitation](https://teams.microsoft.com/l/meetup-join/19%3ameeting_ZjhhZWYwYTItMzM3OC00ZjA0LWE5ZTEtZGI4N2I3NzcxOTJm%40thread.v2/0?context=%7b%22Tid%22%3a%223ccde76c-946d-4a12-bb7a-fc9d0842354a%22%2c%22Oid%22%3a%2290b42674-467a-4f0e-bd44-241c1c69d558%22%7d)
+- [Google Group CISA SBOM tooling](https://groups.google.com/g/cisa-sbom-tooling)
+
+## OpenSSF (SBOM everywhere) Every other Tuesday @11am ET
+The SBOM Everywhere Special Interest Group came from OpenSSF’s Open Source Software Security Mobilization Plan. The SBOM Everywhere SIG focuses on improving SBOM tooling and training to drive adoption. It's also running this site. Further information in the [about us](/about-us) section.
+- [OpenSSF community Calendar](https://calendar.google.com/calendar/u/0/r?cid=czYzdm9lZmhwNWk5cGZsdGI1cTY3bmdwZXNAZ3JvdXAuY2FsZW5kYXIuZ29vZ2xlLmNvbQ)
+- [Meeting Notes](https://docs.google.com/document/d/193ODRga1F49WKPYYR79SNi9b27mChBqpOf5iiWJcMso/edit)
+
+
+## Anchore OSS Community Meeting Every other Thursday @11am ET
+Anchore is hosting a community meeting for their open source projects Syft and Grype.
+- [OpenSSF community Calendar](https://calendar.google.com/calendar/u/0/r?cid=Y182OTM4dGt0MjRtajI0NnNzOThiaGtnM29qNEBncm91cC5jYWxlbmRhci5nb29nbGUuY29t)
+- [Meeting Notes](https://docs.google.com/document/d/1ZtSAa6fj2a6KRWviTn3WoJm09edvrNUp4Iz_dOjjyY8/edit?usp=sharing)
\ No newline at end of file