Securing the open source ecosystem: SBOMs are no longer optional

To truly secure software, we need to know what's inside. That's where a software bill of material comes in.