Hi, all. I was reading today about SBOM [1] ('a kind of nutrition label to reduce software supply chain risk') and wondered whether it would be very difficult to add such a document to the Royale release assets. It seems to be an impending requirement (or 'desirement') for released software, and I can't imagine it would be too hard to put one together for our product.
If this seems like a good idea, I would be happy to create a draft and get others to improve it. [1] https://develop.secure.software/sbom-facts-know-whats-in-software-fend-off-supply-chain-attacks -- Andrew Wetmore Editor, Moose House Publications Editor-Writer, The Apache Software Foundation