Replication resources for paper: "A Large Scale Empirical Analysis on the Adherence Gap between Standards and Tools in SBOM"
Authors/Creators
- 1. Intelligent Software Research Center, Institute of Software, Chinese Academy of Sciences
- 2. Institute of Software, Chinese Academy of Sciences
Description
Replication resources for paper: "A Large Scale Empirical Analysis on the Adherence Gap between Standards and Tools in SBOM"
Usage
The code repository is at https://github.com/dw763j/SAP; this Zenodo record includes the generated SBOMs and test code.
The all-sboms.zip archive includes all 27,795 SBOMs of 3,287 repositories generated by the six tools in either the CycloneDX or SPDX standard, as described in the paper.
The run-on-test-sboms.zip archive includes the code and some SBOMs for quick testing.
Download and unzip run-on-test-sboms.zip, cd into the directory, run `pip install -r requirements.txt`, and then run `python test-run.py`. You will get the analysis results on the test SBOMs.
If you want to rerun the whole SAP process on all SBOMs, download and unzip all-sboms.zip (around 50GB after unzipping), change the directories in test-run.py (they need to follow the language directory structure), and run it again (cleaning up the results directory is recommended).
v1.1: minor code refactor.
v1.2: minor code refactor.
Files (2.4 GB)
| Name | Size |
|---|---|
| md5:2280be571015682870f83a3aae0fca87 | 2.4 GB |
| md5:6f6a7d5592eb033f47e191b6d7c55ad3 | 17.7 MB |
Additional details
Software
- Repository URL: https://github.com/dw763j/SAP
- Programming language: Python
- Development Status: Active