open-feature
/
java-sdk
mirror of https://github.com/open-feature/java-sdk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore: Document where to find our SBOMs (#124)

This commit is contained in:
Justin Abrahms 2022-10-06 13:33:11 -07:00 committed by GitHub
parent e52fe0bae5
commit 2c0190793f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.clomonitor.yml Normal file
View File

@ -0,0 +1,12 @@
# CLOMonitor metadata file
# This file must be located at the root of the repository
# Checks exemptions
# Check identifiers are here https://github.com/cncf/clomonitor/blob/main/docs/checks.md#exemptions (look for "id")
exemptions:
- check: signed_releases
reason: "Our releases are signed on Maven Central"
- check: artifacthub_badge
reason: "Java library, not a k8s thing. We use Maven Central"

4
README.md
View File

@ -122,6 +122,10 @@ The continuous integration runs a set of [gherkin integration tests](https://git
See [releasing](./docs/release.md). See [releasing](./docs/release.md).
### Software Bill of Materials (SBOM)
We publish SBOMs with all of our releases as of 0.3.0. You can find them in Maven Central alongside the artifacts.
## Contributors ## Contributors
Thanks so much to our contributors. Thanks so much to our contributors.