Stronger document connections with BOMnipotent v1.2.0
Version 1.2.0 of BOMnipotent introduces matching and analysing functionality for BOMs and CSAF documents.
Do you want to check if a server contains CSAF advisories that cover any components of your products?
Beginning with version 1.2.0 of BOMnipotent, you can call the “bom match” command. This will read any local BOM documents you provide and collect all CSAF documents from the server. It then matches them against each other, checking which products referenced in the CSAF documents appear among the components listed in your BOMs.
Conversely, you can call “csaf match”, provide CSAF documents, and BOMnipotent Client will collect any BOM documents from the server and run the same logic.
The new version also adds local functionality. Call “bom analyze” (or “bom analyse” if you are feeling British) on one or more BOM documents to have BOMnipotent Client check and display its metadata. The analogous command exists for “component”, “vulnerability”, “csaf” and “product”.
To top it all off, internal changes helped to increase the server performance of download requests by a factor of 100.
The full changelog can, as always, be found in the documentation.