Description

The European Union Cyber Resilience Act (which will take effect in 2027) requires Software vendors to provide a Software Bill of Materials (SBOM). Other government clients have already required software vendors to provide an SBOM.

Therefore, Primefaces should also provide an SBOM with all its dependencies on thrid-party libraries it uses and integrates.

Describe the solution you would like

For each new release of Primefaces provide a SBOM file with all third-party dependencies the new release uses or depends on.

Additional context

https://community.axonivy.com/d/774-supply-chain-security-getting-ready-for-2027