[sw360-dev] [GSoC 2026] Proposal Draft: SBOM Validation and Dependency V

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[sw360-dev] [GSoC 2026] Proposal Draft: SBOM Validation and Dependency Visualization - Vasvi Garg

From: Vasvi Garg <gargvasvi2004@xxxxxxxxx>
Date: Mon, 9 Mar 2026 14:06:54 +0530
Arc-authentication-results: i=1; mx.google.com; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=to:subject:message-id:date:from:mime-version:dkim-signature; bh=pzIvEbyewq4velRLnn4/YQa+n+7Oj/0JCn1pVg9vz0s=; fh=7FanEOCV9X9tOg/bIG46eXC+I48nYjwMA4B1CUffZ7s=; b=gEtuhfeztlLNSrO4BA7T8VEaW8xp1LMoMYuiUnkuWd5fEZYwUK2d3UpXY2gQWB9Dmb vo3WtghhqzGP3BWWwXj7m73fgoxgEVptcqoIish5y5/O+xpe4o44rs3+zxWc6DlPjmZB J5Ao6+ss5Ony2tHBJDLaox4ExaAeD5QZfdxBcX60zeYz1bNgcHQR/VnFrlvqWDqhPCRj jUTW+UtDN+Cw0683b9Z6lrZFBgurQhZ0c6GwmJImFeaPbvt8EbAsJ+yhjPL2vO4NimAW R0ictiCfzZJ+uGvSlTVJeYz3jkicl4tt20QtulrsvAXrTQOPLetzh37H+mp2glyaQiD/ UPUA==; darn=eclipse.org
Arc-seal: i=1; a=rsa-sha256; t=1773045422; cv=none; d=google.com; s=arc-20240605; b=HZk3rGPMJw3blPksgyQNxaKLHXYWFXh1C4qX6Aiq9JgwkRGBBE3D8IR7SnFQXvJ6va lPmj+n8+uoQCj/Tf9wZtnrzAhEq6Gie1KOC7fuNoa1VXNH5XiCnSoaSnSI0jaxvKdyHn +mR/HNjOFRWozzq2E5Pbp8tA2eCyOeT8l2WSqQEN0WDaAGbrwV4XH+cVZmTMDkGaK2gS 9usaN/HScyZDAn3glFdHzmgwzSwMxPAEVIYw0nTJGyAqPLblGbIKazF+ZoURJvvPnJC+ UEmsO3CBFazdv9UvVfacUNM4PKpHgP7cK7N/QkTlMdBKLCMWqx9xvS/+mfXev/0/MGo+ sYyQ==
Delivered-to: sw360-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/sw360-dev/>
List-help: <mailto:sw360-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/sw360-dev>, <mailto:sw360-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/sw360-dev>, <mailto:sw360-dev-request@eclipse.org?subject=unsubscribe>

Hi SW360 Team,

I am Vasvi Garg, a Full-Stack Engineer and Computer Science student. I’ve been actively contributing to the SW360 ecosystem, recently focusing on PR #3816, where I implemented a recursive logic to display CycloneDX dependency hierarchies.

For GSoC 2026, I am proposing a project to further enhance these capabilities: Automated SBOM Validation and Visualization. My goal is to implement a robust validation layer for incoming SBOMs (CycloneDX/SPDX) and a modern visualization component for the dependency tree.

I have prepared a draft proposal here: https://docs.google.com/document/d/1sYv85FfYbU6BCuqRzuHAP6wpi4LU-jfAlFjZnkHHrLI/edit?usp=sharing

I would greatly appreciate any feedback from the mentors, specifically regarding:

The choice between React Flow and D3.js for the visualization component.
The prioritization of specific validation rules (e.g., NTIA minimum elements vs. security metadata).

Looking forward to hearing your thoughts!

Best regards,

Vasvi Garg

GitHub: vasvigarg

Prev by Date: [sw360-dev] Meeting invitation for GSoC discussions at SW360
Previous by thread: [sw360-dev] Meeting invitation for GSoC discussions at SW360
Index(es):
- Date
- Thread

Breadcrumbs