generated from coulomb/repo-seed
docs: CLAUDE.md — expand SBOM section with host_paths guidance
Clarify that the ops-bridge ingest_sbom_tool requires the lockfile to be accessible from the bridge machine, document requirements.txt generation command, and note the host_paths prerequisite (T05 partial). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
12
CLAUDE.md
12
CLAUDE.md
@@ -301,12 +301,18 @@ Templates: `~/the-custodian/canon/standards/contrib-templates/`
|
|||||||
|
|
||||||
## SBOM
|
## SBOM
|
||||||
|
|
||||||
After updating dependencies:
|
Re-run the SBOM after any dependency change (new package added/removed/upgraded in `pyproject.toml`).
|
||||||
|
|
||||||
|
The ops-bridge `ingest_sbom_tool` requires the lockfile to be accessible from the bridge machine.
|
||||||
|
Use a `requirements.txt` generated via:
|
||||||
```bash
|
```bash
|
||||||
cd ~/the-custodian/state-hub
|
pip list --format=freeze | grep -E "^(python-docx|PyYAML|typer|rich|mistune|fastapi|uvicorn|mcp|pytest|pytest-cov|ruff|mypy|types-PyYAML|httpx|pydantic|click|starlette|anyio|httpcore|certifi|h11|sniffio|idna)=" | sort > requirements.txt
|
||||||
make ingest-sbom REPO=marki-docx SCAN=1 REPO_PATH=/home/tegwick/marki-docx
|
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Then either:
|
||||||
|
- Run locally if API is accessible: `cd ~/the-custodian/state-hub && make ingest-sbom REPO=marki-docx SCAN=1 REPO_PATH=/home/tegwick/marki-docx`
|
||||||
|
- Or via MCP `ingest_sbom_tool` once `host_paths` mapping is configured for `marki-docx` in the custodian
|
||||||
|
|
||||||
---
|
---
|
||||||
|
|
||||||
## Quick Reference
|
## Quick Reference
|
||||||
|
|||||||
Reference in New Issue
Block a user