Updates and recent posts about Syft.
Link
@simme shared a link, 2 weeks, 5 days ago
Senior Engineering Manager, @canonical

Boring code is an organizational tell

Boring code is an organizational symptom, not an aesthetic failure. Co-change patterns in version control reveal team boundaries before any retrospective does; ownership concentration predicts defects better than code complexity metrics. With agents removing the friction that contained clever code accumulation, the incentive structures that produce boring code have never mattered more.

Syft, created by Anchore, is an open source Software Bill of Materials (SBOM) generator that analyzes container images, filesystems, repositories, and archives. It produces SBOMs in multiple standards, including SPDX, CycloneDX, and Syft's own JSON format. Syft identifies packages across ecosystems like Debian, Alpine, Python, Java, Ruby, Node.js, and Go. It integrates seamlessly with CI/CD pipelines, supports reproducible builds, and works alongside Grype for vulnerability scanning. Organizations rely on Syft to improve software supply chain transparency, meet compliance requirements, and enable automated security workflows.