Testing of integrating Eclipse SW360 with ORT
The end goal is to capture all third party components used in particular Eclipse projects., in SW360. We may have an entry for a project, and entries for third party components. All third party components that the transitive dependencies of the project should be listed in SW360. This could help with generation of SBOMs for projects and future security vulnerability monitoring.
As of now, this issue is to see how to integrate SW360 to ORT so that all projects scanned using ORT could have entries in SW360 generated automatically. If there are new third party components as dependencies added in a scan, the components need to be added to the project in SW360.