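// 实现示例 (implementation example)
/**
 * Reference to an SBOM document: the location to fetch it from and the
 * hex-encoded SHA-256 digest (64 hex characters) expected for its contents.
 * Both fields are validated by validRef before the reference is trusted.
 */
type SbomRef = { uri: string; sha256: string }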
/**
 * Checks that `h` is exactly 64 hexadecimal characters (the text form of a
 * SHA-256 digest). Either letter case is accepted; a `0x` prefix, whitespace
 * or any other character makes the check fail.
 * @param h - candidate digest string
 * @returns true when `h` is a well-formed 64-char hex string
 */
function hex64(h: string): boolean {
  // Length check first, then a case-insensitive hex-only scan.
  if (h.length !== 64) return false
  return /^[0-9a-f]+$/i.test(h)
}
/**
 * Decides whether `u` may be fetched: it must parse as a URL, use `https:`,
 * and have an origin present in `allow`.
 *
 * The comparison is on the serialized origin (scheme + host + non-default
 * port, no path, no credentials), so entries in `allow` must be written in
 * that form, e.g. `https://sbom.example.com`, not a full URL. Embedded
 * credentials (`https://user@host/`) do not affect the origin and are
 * therefore neither required nor rejected here.
 * @param u - candidate URI, typically untrusted input from an SBOM reference
 * @param allow - set of permitted origins
 * @returns true only for a parseable https URL whose origin is allow-listed
 */
function uriAllowed(u: string, allow: Set<string>): boolean {
  let parsed: URL
  try {
    parsed = new URL(u)
  } catch {
    // Unparseable input is never allowed.
    return false
  }
  if (parsed.protocol !== 'https:') return false
  return allow.has(parsed.origin)
}
/**
 * Accepts an SBOM reference only when its URI passes uriAllowed against
 * `allow` and its sha256 field is a well-formed 64-char hex digest.
 * This checks format and origin only; it does not fetch the document or
 * compare the digest against any content.
 * @param r - the reference to validate
 * @param allow - set of permitted https origins
 * @returns true when both the URI and the digest format are acceptable
 */
function validRef(r: SbomRef, allow: Set<string>): boolean {
  // Origin check first so a disallowed URI is rejected regardless of the digest.
  if (!uriAllowed(r.uri, allow)) return false
  return hex64(r.sha256)
}
审计与运行治理：审计 SBOM 引用与哈希；缓存与 API 域的变更需经审批并归档。在消费 SBOM 之前，先进行哈希校验与签名验证。
