Welcome to SBOM Insights! This guide will help you contribute to our blog about Software Bill of Materials (SBOM), supply chain security, and related topics.
Want to quickly add a blog post? Follow these steps:
# 1. Clone the repository
git clone https://github.com/interlynk-io/sbom-insights.git
cd sbom-insights
# 2. Create a new post (replace with your title)
make new-post TITLE="My SBOM Journey"
# 3. Edit your post
# Open content/posts/my-sbom-journey.md in your editor
# Add your content after the front matter
# 4. Test your post locally
make serve
# Open http://localhost:1313 in your browser
# 5. When ready, build the site
make build
# 6. Create a PR with your changes
git checkout -b post/my-sbom-journey
git add .
git commit -m "Add post: My SBOM Journey"
git push origin post/my-sbom-journey
That's it! Your post will be reviewed and published. For more details, see the sections below.
- Getting Started
- Adding a New Post
- Adding Author Information
- Categories and Tags
- Local Development
- Content Guidelines
- Submission Process
This site is built with Hugo using the PaperMod theme. To contribute, you'll need:
- Git for version control
- Hugo (optional for local preview)
- A text editor for writing Markdown
# Clone the repository
git clone https://github.com/interlynk-io/sbom-insights.git
cd sbom-insights
# Initialize submodules (PaperMod theme) - already done
git submodule update --init --recursive
# Install Hugo (optional, for local preview)
# On macOS
brew install hugo
# On Ubuntu/Debian
snap install hugo
# On Windows
choco install hugo-extended
We provide a Makefile with helpful automation commands:
# View all available commands
make help
Command | Description | Usage |
---|---|---|
make help | Display all available commands | make help |
make serve | Run Hugo development server with drafts on http://localhost:1313 | make serve |
make build | Build production site with minification | make build |
make clean | Remove build artifacts (public/ and resources/) | make clean |
make new-post | Create a new blog post with automatic filename formatting | make new-post TITLE="Your Post Title" |
make deploy | Build and deploy to Netlify production | make deploy |
make preview | Deploy a preview to Netlify | make preview |
make update-theme | Update PaperMod theme to latest version | make update-theme |
make check-links | Check for broken links in built site (requires htmltest) | make check-links |
make format | Format all markdown files with prettier | make format |
# Start writing a new post
make new-post TITLE="Understanding SBOM Formats"
make serve # Preview at http://localhost:1313
# Ready to submit?
make format # Clean up formatting
make check-links # Verify all links work
make build # Final build check
# Deploy (for maintainers)
make preview # Test deployment
make deploy # Production deployment
Create a new Markdown file in the content/posts/ directory:
# Using Hugo (recommended)
hugo new posts/your-post-title.md
# Or manually create the file
touch content/posts/your-post-title.md
Every post needs front matter at the top. Here's the template:
+++
title = "Your Post Title"
date = 2024-01-15T10:00:00Z
draft = false
description = "A brief description of your post (150-160 characters for SEO)"
author = "Your Name"
tags = ["SBOM", "Security", "Supply Chain"]
categories = ["Best Practices"]
toc = true
tocopen = false
weight = 1
# cover is written as a table: TOML inline tables cannot span several lines
[cover]
image = "/images/your-cover-image.jpg"
alt = "Cover image description"
caption = "Image caption if needed"
relative = false
+++
- title: The title of your post
- date: Publication date (ISO 8601 format)
- draft: Set to true while writing, false when ready to publish
- description: SEO meta description (150-160 characters)
- author: Your name (should match author data file)
- tags: Relevant keywords (lowercase, use existing tags when possible)
- categories: Main category (check existing categories first)
- toc: Show table of contents (true/false)
- tocopen: Open TOC by default (true/false)
- weight: Post priority (lower numbers appear first)
- cover: Optional cover image configuration
After the front matter, write your post in Markdown:
## Introduction
Start with a compelling introduction...
## Main Content
### Subsection 1
Your content here...
### Subsection 2
More content...
## Code Examples
```json
{
"example": "code block"
}
```
## Conclusion
Wrap up your post...
- Use clear, descriptive headings (H2 for main sections, H3 for subsections)
- Include code examples where relevant
- Add images to the /static/images/ directory
- Link to authoritative sources
- Keep paragraphs concise (3-5 sentences)
- Use lists for better readability
Create a YAML file in the data/authors/ directory:
mkdir -p data/authors
touch data/authors/your-name.yaml
name: "Your Full Name"
bio: "Brief bio about yourself and your expertise in SBOM/security"
email: "your.email@example.com"
company: "Your Company Name"
github: "yourusername"
linkedin: "yourusername"
twitter: "yourusername"
website: "https://yourwebsite.com"
copyright: "© 2025 Your Name" # Optional: custom copyright for your posts
Place your avatar image in /static/images/authors/:
cp your-photo.jpg static/images/authors/
Image requirements:
- Format: JPEG or PNG
- Size: 400x400px (square)
- File size: Under 100KB
Use these primary categories for your posts:
- Best Practices: Implementation guides and recommendations
- Tools & Reviews: SBOM tool comparisons and reviews
- Standards: Information about SPDX, CycloneDX, etc.
- Industry News: Updates, regulations, and announcements
- Case Studies: Real-world implementations
- Security: Supply chain security topics
- Tutorials: How-to guides and walkthroughs
Use relevant tags from this list (you can add new ones if needed):
- SBOM, CycloneDX, SPDX, SWID
- Supply Chain, Security, Vulnerability
- Open Source, License Compliance
- DevSecOps, CI/CD, Automation
- Docker, Kubernetes, Container Security
- Python, JavaScript, Go, Java (language-specific)
- NTIA, CISA, EU CRA (regulatory)
# Start Hugo server with drafts (using Makefile)
make serve
# Or directly with Hugo
hugo server -D
# Without drafts
hugo server
# The site will be available at http://localhost:1313
# Build the static site (using Makefile)
make build
# Or directly with Hugo
hugo --minify
# Build with drafts included
hugo -D
# Clean build artifacts
make clean
# The built site will be in the public/ directory
- Technical Deep Dives: Detailed explanations of SBOM concepts
- Practical Guides: How to implement SBOM in real projects
- Tool Reviews: Honest assessments of SBOM tools
- Industry Analysis: Trends and developments in software transparency
- Case Studies: Success stories and lessons learned
- Security Research: Vulnerability management and supply chain security
- Tone: Professional but approachable
- Length: 800-2000 words typically
- Audience: DevOps engineers, security professionals, and technical managers
- Format: Use subheadings, bullet points, and code examples
- Citations: Link to sources and give credit
Before submitting, ensure your post:
- Has accurate technical information
- Includes practical examples
- Is free of spelling/grammar errors
- Has proper formatting and structure
- Includes relevant tags and categories
- Has a compelling title and description
- Credits all sources and references
- Fork the repository
- Create a feature branch: git checkout -b post/your-post-title
- Add your post and any images
- Commit your changes: git commit -m "Add post: Your Post Title"
- Push to your fork: git push origin post/your-post-title
- Create a Pull Request with:
  - Brief description of your post
  - Any special considerations
  - Your author information if first time
- Create a branch: git checkout -b post/your-post-title
- Add your content
- Push and create a PR for review
- After approval, merge to main
All posts go through review for:
- Technical accuracy
- Writing quality
- Relevance to audience
- SEO optimization
- Code example correctness
Expect feedback within 3-5 business days.
- Use WebP or optimized JPEG/PNG
- Recommended tools: TinyPNG, Squoosh
- Maximum width: 1200px for cover images
- Use descriptive URLs (matching your filename)
- Write compelling meta descriptions
- Use heading hierarchy properly (H1 → H2 → H3)
- Include alt text for all images
- Internal linking to related posts
sbom-insights/
├── content/ # Blog content
│ ├── posts/ # Blog posts
│ ├── about.md # About page
│ └── contributors.md # Contributors page
├── data/
│ └── authors/ # Author profiles (YAML)
├── static/ # Static assets
│ └── images/ # Images
│ └── authors/ # Author avatars
├── themes/
│ └── PaperMod/ # Hugo theme
├── hugo.toml # Hugo configuration
├── Makefile # Build automation
├── netlify.toml # Netlify configuration
└── CONTRIBUTING.md # Contribution guidelines
- 📝 SBOM-focused content
- 👥 Multi-author support
- 🔍 Full-text search
- 📱 Responsive design
- 🌙 Dark/Light mode
- 📊 Reading time estimates
- 🏷️ Categories and tags
- 📡 RSS feed
- SBOM Standards (CycloneDX, SPDX)
- Generation tools and techniques
- Supply chain security
- Vulnerability management
- License compliance
- Implementation best practices
- Industry regulations (NTIA, EU CRA, etc.)
- Integration with CI/CD pipelines
- Container and cloud security
If you need assistance:
- Check existing posts for examples
- Review the Hugo documentation
- Open an issue with your question
- Contact the maintainers
All content in SBOM Insights is licensed under Creative Commons Attribution 4.0 International (CC BY 4.0).
- Copyright © 2025 Interlynk.io and Contributors
- Individual authors retain copyright to their contributions
- By contributing, you grant Interlynk.io rights under CC BY 4.0 to publish and distribute your content
- Proper attribution to original authors is required for any use
See CONTRIBUTORS.md for a list of all contributors.
- GitHub: github.com/interlynk-io
- LinkedIn: linkedin.com/company/interlynk
- Twitter: @interlynk
Thank you for contributing to SBOM Insights! Your knowledge and expertise help build a stronger SBOM community.