siderolabs
diff --git a/‎Makefile‎
Lines changed: 0 additions & 4 deletions b/‎Makefile‎
Lines changed: 0 additions & 4 deletions
diff --git a/‎public/docs.json‎
Lines changed: 0 additions & 258 deletions b/‎public/docs.json‎
Lines changed: 0 additions & 258 deletions
diff --git a/‎public/talos/v1.14/advanced-guides/SBOM.mdx‎
Lines changed: 91 additions & 0 deletions b/‎public/talos/v1.14/advanced-guides/SBOM.mdx‎
Lines changed: 91 additions & 0 deletions
@@ -49,7 +49,6 @@ docs.json: common.yaml omni.yaml ## Generate and validate docs.json from multipl
 		talos-v1.9.yaml \
 		talos-v1.8.yaml \
 		talos-v1.7.yaml \
-		talos-v1.6.yaml \
 		omni.yaml \
 		kubernetes-guides.yaml \
 		changelog.yaml \
@@ -65,7 +64,6 @@ docs.json-local: common.yaml omni.yaml docs-gen/main.go ## Generate docs.json us
 		../talos-v1.9.yaml \
 		../talos-v1.8.yaml \
 		../talos-v1.7.yaml \
-		../talos-v1.6.yaml \
 		../omni.yaml \
 		../kubernetes-guides.yaml \
 		../changelog.yaml \
@@ -82,7 +80,6 @@ check-missing: ## Check for MDX files not included in config files
 		talos-v1.9.yaml \
 		talos-v1.8.yaml \
 		talos-v1.7.yaml \
-		talos-v1.6.yaml \
 		omni.yaml \
 		kubernetes-guides.yaml \
 		changelog.yaml
@@ -98,7 +95,6 @@ check-missing-local: ## Check for missing files using local Go build
 		../talos-v1.9.yaml \
 		../talos-v1.8.yaml \
 		../talos-v1.7.yaml \
-		../talos-v1.6.yaml \
 		../omni.yaml \
 		../kubernetes-guides.yaml \
 		../changelog.yaml
 
@@ -2329,264 +2329,6 @@
                 ]
               }
             ]
-          },
-          {
-            "version": "v1.6",
-            "groups": [
-              {
-                "group": "Overview",
-                "pages": [
-                  "talos/v1.6/overview/what-is-talos"
-                ]
-              },
-              {
-                "group": "Getting Started",
-                "pages": [
-                  "talos/v1.6/getting-started/system-requirements",
-                  "talos/v1.6/getting-started/talosctl",
-                  "talos/v1.6/getting-started/quickstart",
-                  "talos/v1.6/getting-started/getting-started",
-                  "talos/v1.6/getting-started/prodnotes",
-                  "talos/v1.6/getting-started/deploy-first-workload",
-                  "talos/v1.6/getting-started/what's-new-in-talos",
-                  "talos/v1.6/getting-started/support-matrix"
-                ]
-              },
-              {
-                "group": "Platform specific installation",
-                "pages": [
-                  {
-                    "group": "Bare Metal Platforms",
-                    "pages": [
-                      "talos/v1.6/platform-specific-installations/bare-metal-platforms/digital-rebar",
-                      "talos/v1.6/platform-specific-installations/bare-metal-platforms/equinix-metal",
-                      "talos/v1.6/platform-specific-installations/bare-metal-platforms/iso",
-                      "talos/v1.6/platform-specific-installations/bare-metal-platforms/matchbox",
-                      "talos/v1.6/platform-specific-installations/bare-metal-platforms/network-config",
-                      "talos/v1.6/platform-specific-installations/bare-metal-platforms/pxe",
-                      "talos/v1.6/platform-specific-installations/bare-metal-platforms/secureboot"
-                    ]
-                  },
-                  {
-                    "group": "Virtualized Platforms",
-                    "pages": [
-                      "talos/v1.6/platform-specific-installations/virtualized-platforms/hyper-v",
-                      "talos/v1.6/platform-specific-installations/virtualized-platforms/kvm",
-                      "talos/v1.6/platform-specific-installations/virtualized-platforms/proxmox",
-                      "talos/v1.6/platform-specific-installations/virtualized-platforms/vagrant-libvirt",
-                      "talos/v1.6/platform-specific-installations/virtualized-platforms/vmware",
-                      "talos/v1.6/platform-specific-installations/virtualized-platforms/xen"
-                    ]
-                  },
-                  {
-                    "group": "Cloud Platforms",
-                    "pages": [
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/aws",
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/azure",
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/digitalocean",
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/exoscale",
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/gcp",
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/hetzner",
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/nocloud",
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/openstack",
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/oracle",
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/scaleway",
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/upcloud",
-                      "talos/v1.6/platform-specific-installations/cloud-platforms/vultr"
-                    ]
-                  },
-                  {
-                    "group": "Local Platforms",
-                    "pages": [
-                      "talos/v1.6/platform-specific-installations/local-platforms/docker",
-                      "talos/v1.6/platform-specific-installations/local-platforms/qemu",
-                      "talos/v1.6/platform-specific-installations/local-platforms/virtualbox"
-                    ]
-                  },
-                  {
-                    "group": "Single Board Computers",
-                    "pages": [
-                      "talos/v1.6/platform-specific-installations/single-board-computers/bananapi_m64",
-                      "talos/v1.6/platform-specific-installations/single-board-computers/nanopi_r4s",
-                      "talos/v1.6/platform-specific-installations/single-board-computers/jetson_nano",
-                      "talos/v1.6/platform-specific-installations/single-board-computers/libretech_all_h3_cc_h5",
-                      "talos/v1.6/platform-specific-installations/single-board-computers/pine64",
-                      "talos/v1.6/platform-specific-installations/single-board-computers/rock64",
-                      "talos/v1.6/platform-specific-installations/single-board-computers/rockpi_4",
-                      "talos/v1.6/platform-specific-installations/single-board-computers/rockpi_4c",
-                      "talos/v1.6/platform-specific-installations/single-board-computers/rpi_generic"
-                    ]
-                  },
-                  "talos/v1.6/platform-specific-installations/boot-assets",
-                  "talos/v1.6/platform-specific-installations/air-gapped",
-                  "talos/v1.6/platform-specific-installations/omni"
-                ]
-              },
-              {
-                "group": "Deploying and managing workloads",
-                "pages": [
-                  "talos/v1.6/deploy-and-manage-workloads/interactive-dashboard",
-                  "talos/v1.6/deploy-and-manage-workloads/scaling-up",
-                  "talos/v1.6/deploy-and-manage-workloads/scaling-down",
-                  "talos/v1.6/deploy-and-manage-workloads/workers-on-controlplane"
-                ]
-              },
-              {
-                "group": "Networking",
-                "pages": [
-                  "talos/v1.6/networking/advanced-networking",
-                  "talos/v1.6/networking/corporate-proxies",
-                  "talos/v1.6/networking/egress-domains",
-                  "talos/v1.6/networking/ingress-firewall",
-                  "talos/v1.6/networking/kubespan",
-                  "talos/v1.6/networking/metal-network-configuration",
-                  "talos/v1.6/networking/device-selector",
-                  "talos/v1.6/networking/predictable-interface-names",
-                  "talos/v1.6/networking/siderolink",
-                  "talos/v1.6/networking/vip",
-                  "talos/v1.6/networking/wireguard-network"
-                ]
-              },
-              {
-                "group": "Security",
-                "pages": [
-                  "talos/v1.6/security/cert-management",
-                  "talos/v1.6/security/certificate-authorities",
-                  "talos/v1.6/security/iam-roles-for-service-accounts",
-                  "talos/v1.6/security/machine-config-oauth",
-                  "talos/v1.6/security/rbac",
-                  "talos/v1.6/security/verifying-images"
-                ]
-              },
-              {
-                "group": "Build and extend Talos",
-                "pages": [
-                  {
-                    "group": "Custom Images \u0026 Development",
-                    "pages": [
-                      "talos/v1.6/build-and-extend-talos/custom-images-and-development/building-images",
-                      "talos/v1.6/build-and-extend-talos/custom-images-and-development/proprietary-kernel-modules",
-                      "talos/v1.6/build-and-extend-talos/custom-images-and-development/customizing-the-kernel",
-                      "talos/v1.6/build-and-extend-talos/custom-images-and-development/developing-talos",
-                      "talos/v1.6/build-and-extend-talos/custom-images-and-development/extension-services",
-                      "talos/v1.6/build-and-extend-talos/custom-images-and-development/system-extensions"
-                    ]
-                  },
-                  {
-                    "group": "Cluster Operations \u0026 Maintenance",
-                    "pages": [
-                      "talos/v1.6/build-and-extend-talos/cluster-operations-and-maintenance/disaster-recovery",
-                      "talos/v1.6/build-and-extend-talos/cluster-operations-and-maintenance/etcd-maintenance"
-                    ]
-                  }
-                ]
-              },
-              {
-                "group": "Configure your Talos cluster",
-                "pages": [
-                  {
-                    "group": "System Configuration",
-                    "pages": [
-                      "talos/v1.6/configure-your-talos-cluster/system-configuration/patching",
-                      "talos/v1.6/configure-your-talos-cluster/system-configuration/editing-machine-configuration",
-                      "talos/v1.6/configure-your-talos-cluster/system-configuration/discovery",
-                      "talos/v1.6/configure-your-talos-cluster/system-configuration/reproducible-machine-configuration",
-                      "talos/v1.6/configure-your-talos-cluster/system-configuration/insecure"
-                    ]
-                  },
-                  {
-                    "group": "Images \u0026 Container Runtime",
-                    "pages": [
-                      "talos/v1.6/configure-your-talos-cluster/images-container-runtime/containerd",
-                      "talos/v1.6/configure-your-talos-cluster/images-container-runtime/pull-through-cache",
-                      "talos/v1.6/configure-your-talos-cluster/images-container-runtime/static-pods"
-                    ]
-                  },
-                  {
-                    "group": "Storage \u0026 Disk Management",
-                    "pages": [
-                      "talos/v1.6/configure-your-talos-cluster/storage-and-disk-management/disk-encryption"
-                    ]
-                  },
-                  {
-                    "group": "Logging \u0026 Telemetry",
-                    "pages": [
-                      "talos/v1.6/configure-your-talos-cluster/logging-and-telemetry/logging"
-                    ]
-                  },
-                  {
-                    "group": "Hardware \u0026 Drivers",
-                    "pages": [
-                      "talos/v1.6/configure-your-talos-cluster/hardware-and-drivers/nvidia-fabricmanager",
-                      "talos/v1.6/configure-your-talos-cluster/hardware-and-drivers/nvidia-gpu",
-                      "talos/v1.6/configure-your-talos-cluster/hardware-and-drivers/nvidia-gpu-proprietary"
-                    ]
-                  },
-                  {
-                    "group": "Lifecycle Management",
-                    "pages": [
-                      "talos/v1.6/configure-your-talos-cluster/lifecycle-management/upgrading-talos",
-                      "talos/v1.6/configure-your-talos-cluster/lifecycle-management/resetting-a-machine"
-                    ]
-                  }
-                ]
-              },
-              {
-                "group": "Advanced guides",
-                "pages": [
-                  "talos/v1.6/advanced-guides/migrating-from-kubeadm"
-                ]
-              },
-              {
-                "group": "Reference",
-                "pages": [
-                  "talos/v1.6/reference/configuration/overview",
-                  "talos/v1.6/reference/configuration/v1alpha1/config",
-                  "talos/v1.6/reference/kernel",
-                  "talos/v1.6/reference/cli",
-                  "talos/v1.6/reference/api",
-                  "talos/v1.6/reference/configuration/siderolink/siderolinkconfig",
-                  {
-                    "group": "Network",
-                    "pages": [
-                      "talos/v1.6/reference/configuration/network/networkdefaultactionconfig",
-                      "talos/v1.6/reference/configuration/network/networkruleconfig"
-                    ]
-                  },
-                  {
-                    "group": "Runtime",
-                    "pages": [
-                      "talos/v1.6/reference/configuration/runtime/eventsinkconfig",
-                      "talos/v1.6/reference/configuration/runtime/kmsglogconfig"
-                    ]
-                  }
-                ]
-              },
-              {
-                "group": "Troubleshooting and support",
-                "pages": [
-                  "talos/v1.6/troubleshooting/troubleshooting",
-                  "talos/v1.6/troubleshooting/faqs"
-                ]
-              },
-              {
-                "group": "Learn more",
-                "pages": [
-                  "talos/v1.6/learn-more/architecture",
-                  "talos/v1.6/learn-more/components",
-                  "talos/v1.6/learn-more/control-plane",
-                  "talos/v1.6/learn-more/controllers-resources",
-                  "talos/v1.6/learn-more/image-factory",
-                  "talos/v1.6/learn-more/knowledge-base",
-                  "talos/v1.6/learn-more/kubespan",
-                  "talos/v1.6/learn-more/networking-resources",
-                  "talos/v1.6/learn-more/philosophy",
-                  "talos/v1.6/learn-more/process-capabilities",
-                  "talos/v1.6/learn-more/talos-network-connectivity",
-                  "talos/v1.6/learn-more/talosctl"
-                ]
-              }
-            ]
           }
         ]
       },
 
@@ -0,0 +1,91 @@
+---
+title: "SBOMs"
+description: "A guide on using Software Bill of Materials for Talos Linux."
+---
+
+import { VersionWarningBanner } from "/snippets/version-warning-banner.jsx"
+
+<VersionWarningBanner />
+
+import { release_v1_13 } from '/snippets/custom-variables.mdx';
+
+Software Bill of Materials (SBOM) is a formal record containing the details and supply chain relationships of various components used in building a software product.
+SBOMs are used to provide transparency and traceability of software components, which is essential for security, compliance, and efficient management of software supply chains.
+
+Talos Linux provides SBOMs for core operating system components, including the Linux kernel, built-in components like `containerd`, and other software packages used to build Talos Linux.
+When a system extension is installed, it can also provide its own SBOM, which will be included in the overall SBOM for the Talos Linux system.
+
+## Acquiring SBOMs
+
+SBOMs for Talos Linux are provided in SPDX format, which is a standard format for representing SBOMs.
+You can acquire SBOMs for Talos Linux in the following ways:
+
+* Download the SBOM for a specific Talos Linux release from the <a href={`https://github.com/siderolabs/talos/releases/tag/${release_v1_13}`}> GitHub release</a> page:
+  * `talos-amd64.spdx.json` for the amd64 architecture.
+  * `talos-arm64.spdx.json` for the arm64 architecture.
+* Acquire the SBOM from a running Talos Linux system using the `talosctl` command:
+  * core Talos Linux SBOM in the `/usr/share/spdx` directory.
+  * extension SBOMs in the `/usr/local/share/spdx` directory.
+
+## SBOMs as resources
+
+Talos Linux SBOMs are also available as resources in the Talos Linux system.
+You can access the SBOMs using the `talosctl` command:
+
+<CodeBlock lang="sh">
+{`
+talosctl get sboms
+NODE         NAMESPACE   TYPE       ID              VERSION   VERSION                LICENSE
+172.20.0.2   runtime     SBOMItem   Talos           1         ${release_v1_13}
+172.20.0.2   runtime     SBOMItem   apparmor        1         v3.1.7                 GPL-2.0-or-later
+172.20.0.2   runtime     SBOMItem   cel.dev/expr    1         v0.24.0
+...
+`}
+</CodeBlock>
+
+You can also get the SBOM for a specific component using the `talosctl get sbom` command:
+
+```yaml
+# talosctl get sbom kernel -o yaml
+node: 172.20.0.2
+metadata:
+    namespace: runtime
+    type: SBOMItems.talos.dev
+    id: kernel
+    version: 1
+    owner: runtime.SBOMItemController
+    phase: running
+    created: 2025-07-24T14:20:29Z
+    updated: 2025-07-24T14:20:29Z
+spec:
+    name: kernel
+    version: 6.12.38
+    license: GPL-2.0-only
+    cpes:
+        - cpe:2.3:o:linux:linux_kernel:6.12.38:*:*:*:*:*:*:*
+```
+
+## Scanning SBOMs
+
+You can scan SBOMs for known vulnerabilities using tools like [Grype](https://github.com/anchore/grype).
+You will need two source files for scanning:
+
+* The SBOM file in SPDX format.
+* The vulnerability exclusion database (VEX).
+
+VEX database is used to filter out vulnerabilities that are not applicable to the specific software version or configuration,
+which helps to reduce false positives in vulnerability scanning.
+
+<Note> The VEX database is available to Enterprise customers of Talos Linux. Contact [Sidero support](https://www.siderolabs.com/contact/) for access. </Note>
+
+The basic command to scan the SBOM is as follows:
+
+```bash
+grype sbom:talos-amd64.spdx.json
+```
+
+With VEX database, the command becomes:
+
+```bash
+grype sbom:talos-amd64.spdx.json --vex vex.json
+```