ngmi / kubernetes-sigs / bom

kubernetes-sigs/bom

Go 441 stars

A utility to generate SPDX-compliant Bill of Materials manifests

✓ Synced 4h ago Share on X →
README badge: [![ngmi](https://ngmi.review/badge/kubernetes-sigs/bom.svg)](https://ngmi.review/repo/kubernetes-sigs/bom)
478 Merged PRs
1 day Avg Merge Time
2m Fastest PR
4 months Slowest PR
#180 Global Speed Rank

Top Reviewers

#1
@cpanato
336 reviews ✓ 310 approved ↺ 4 blocked
#2 @saschagrunert
@saschagrunert
110 reviews ✓ 95 approved
#3 @puerco
@puerco
93 reviews ✓ 58 approved ↺ 3 blocked
#4
@xmudrii
8 reviews ✓ 8 approved
#5 @justaugustus
@justaugustus
8 reviews ✓ 6 approved ↺ 2 blocked
#6 @sbs2001
@sbs2001
6 reviews
#7 @dims
@dims
4 reviews
#8 @peterchanghk01
@peterchanghk01
4 reviews ✓ 2 approved
#9 @Verolop
@Verolop
4 reviews
#10 @stmcginnis
@stmcginnis
3 reviews

Recent Merged PRs

# Title Author Time Reviews Blocks
#609 build(deps): bump github.com/google/go-containerregistry from 0.20.7 to 0.21.0 in the all group @dependabot 2.8h 1
#608 build(deps): bump chainguard-dev/actions from 1.6.1 to 1.6.2 in the all group @dependabot 3.8h 1
#606 build(deps): bump chainguard-dev/actions from 1.6.0 to 1.6.1 in the all group @dependabot 5.6h 1
#602 build(deps): bump chainguard-dev/actions from 1.5.16 to 1.6.0 in the all group @dependabot 2.9h 1
#601 build(deps): bump the all group with 3 updates @dependabot 25m 1
#596 build(deps): bump golang from 1.25.5 to 1.25.6 in the all group @dependabot 14 days 1
#600 build(deps): bump chainguard-dev/actions from 1.5.14 to 1.5.16 in the all group @dependabot 3.2h 1
#599 build(deps): bump google.golang.org/protobuf from 1.36.6 to 1.36.11 in the all group across 1 directory @dependabot 1.4h 1
#598 Modernize provenance pkg to use the new intoto libraries @puerco 6.3h 1
#597 build(deps): bump chainguard-dev/actions from 1.5.13 to 1.5.14 in the all group @dependabot 4 days 1
#595 build(deps): bump chainguard-dev/actions from 1.5.12 to 1.5.13 in the all group @dependabot 23m 1
#594 build(deps): bump actions/checkout from 6.0.1 to 6.0.2 in the all group @dependabot 4.4h 1
#591 build(deps): bump chainguard-dev/actions from 1.5.11 to 1.5.12 in the all group @dependabot 1 day 1
#590 build(deps): bump sigs.k8s.io/release-utils from 0.12.2 to 0.12.3 in the all group @dependabot 1 day 1
#589 build(deps): bump github.com/sirupsen/logrus from 1.9.3 to 1.9.4 in the all group @dependabot 3.4h 1
#588 Drop dep x/tools/go/vcs dep, use go proxy instead @puerco 47m 1
#587 build(deps): bump actions/setup-go from 6.1.0 to 6.2.0 in the all group @dependabot 2.7h 1
#586 build(deps): bump the all group with 2 updates @dependabot 3.4h 1
#585 build(deps): bump the all group with 2 updates @dependabot 3.2h 1
#584 build(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 @dependabot 4.0h 1