Comment by sunnyday_002
5 hours ago
So the lockfile is a superset, but never a subset?
So it basically is an SBOM then but just sometimes has extra dependencies?
5 hours ago
So the lockfile is a superset, but never a subset?
So it basically is an SBOM then but just sometimes has extra dependencies?
Superset of dependencies, but often a subset of info per depedency.
Ah okay! I know Rust has the transitive dependencies did not think/realise all languages might not, good point!