Join our weekly *Open Source Security* live stream! Watch Anchore's Developer Relations and Engineering teams collaborate in real-time on crucial *Software Supply Chain Security* tools. This session focuses on improving *Syft* (for *SBOM* generation) and *Grype* (for *vulnerability scanning*), addressing community-raised issues and pull requests. Every Thursday, "Open Source Gardening" offers a transparent look into maintaining popular *open source security* projects. We'll dive into items marked 'needs discussion' and, time permitting, tackle other interesting contributions. Learn development best practices, understand the challenges of *SBOM* accuracy, and see how *vulnerability scanning* tools evolve. Whether you're a contributor, user, or just curious about *open source security*, tune in to learn and engage with the minds behind Anchore's OSS tools. *Agenda:* - Discuss and resolve issues/PRs tagged 'needs discussion'. - Tackle other high-priority or interesting community contributions for Syft, Grype, and related projects. *Resources & Learn More:* - Learn about SBOMs: [Link to Anchore's SBOM pillar page/guide if available] - Dive into Software Supply Chain Security: [Link to relevant Anchore pillar page/blog if available] - Syft on GitHub: https://github.com/anchore/syft - Grype on GitHub: https://github.com/anchore/grype - Join the Community Discussion: https://anchore.com/discourse - All Anchore Open Source Projects: https://github.com/anchore - Sign-up for the OSS Newsletter: https://get.anchore.com/anchore-community/ #OpenSourceSecurity #SBOM #SoftwareSupplyChainSecurity