import type { InfoTabType } from '../types'

/** Props for the info tab strip; every piece of state is owned by the caller. */
interface InfoTabsSectionProps {
  // Currently selected tab. This file compares it against 'audit' and 'documentation'.
  activeInfoTab: InfoTabType
  // Callback that receives the tab to switch to.
  setActiveInfoTab: (tab: InfoTabType) => void
  // Boolean flag; DocumentationTab in this file accepts a prop of the same name.
  showFullDocs: boolean
  // Callback that receives the new value of that flag.
  setShowFullDocs: (show: boolean) => void
}

/**
 * Container for the SBOM info tabs: a header row followed by the content of
 * the active tab.
 *
 * Content is selected by comparing `activeInfoTab` with 'audit' and
 * 'documentation'. The JSX elements themselves are missing from this listing;
 * presumably the two branches render AuditTab and DocumentationTab, and the
 * header row calls `setActiveInfoTab`. Confirm against the original file.
 */
export function InfoTabsSection({
  activeInfoTab,
  setActiveInfoTab,
  showFullDocs,
  setShowFullDocs,
}: InfoTabsSectionProps) { return (
{/* Tab Headers */}
{/* Tab Content */}
{activeInfoTab === 'audit' && } {activeInfoTab === 'documentation' && ( )}
) }

/**
 * Audit tab body with two lists: "SBOM Status" and "License Compliance".
 *
 * Takes no props. Every label, value and colour below is a literal in this
 * function; nothing here reads a generated SBOM or a licence scan result.
 *
 * NOTE(review): because the rows are static, the panel shows "0" copyleft and
 * "0" unknown licences with a green marker regardless of what the pipeline
 * found. If this view is used as audit evidence, feed these rows from the
 * scan output (or label them as policy targets) so a violation can surface.
 */
function AuditTab() { return (
{/* SBOM Status */}

SBOM Status

{[
  // Static descriptive text, not values taken from a generated SBOM document.
  { label: 'Letzte Generierung', value: 'CI/CD' },
  { label: 'Format', value: 'CycloneDX 1.5' },
  { label: 'Komponenten', value: 'Alle erfasst' },
  { label: 'Transitive Deps', value: 'Inkludiert' },
].map((item) => (
{item.label} {item.value}
))}
{/* License Compliance */}

License Compliance

{[
  // `color` holds a CSS class name; where it is applied is not visible in this listing.
  // The counts and colours are fixed strings, so they cannot turn red on a finding.
  { label: 'Erlaubte Lizenzen', value: 'MIT, Apache, BSD', color: 'bg-green-500' },
  { label: 'Copyleft (GPL)', value: '0', color: 'bg-green-500' },
  { label: 'Unbekannte Lizenzen', value: '0', color: 'bg-green-500' },
  { label: 'Kommerzielle', value: 'Review erforderlich', color: 'bg-yellow-500' },
].map((item) => (
{item.label} {item.value}
))}
) }

/**
 * Documentation tab: a heading ("SBOM Dokumentation") followed by one of two
 * bodies chosen by `showFullDocs`.
 *
 * The ternary below picks its first branch when `showFullDocs` is false and
 * its second when it is true. Both JSX operands are missing from this listing;
 * presumably they are DocsSummary and DocsFullContent. No call to
 * `setShowFullDocs` survives here either; it is probably wired to a toggle
 * control in the stripped markup. Confirm against the original file.
 */
function DocumentationTab({
  showFullDocs,
  setShowFullDocs,
}: {
  // When false the first branch of the ternary is rendered, otherwise the second.
  showFullDocs: boolean
  // Callback that receives the new value of the flag.
  setShowFullDocs: (show: boolean) => void
}) { return (

SBOM Dokumentation

{!showFullDocs ? : }
) }

/**
 * Short, static description of the SBOM module: one introductory paragraph
 * plus three facts (generator, format, retention).
 *
 * Takes no props and contains only literal text.
 *
 * NOTE(review): the tool names, formats and the 5-year retention period are
 * hard-coded here and are not read from pipeline configuration, so this text
 * can drift from what CI actually runs. This summary lists "CycloneDX 1.5,
 * SPDX" as formats while AuditTab in this file lists only 'CycloneDX 1.5';
 * confirm which is correct.
 */
function DocsSummary() { return (

Das SBOM-Modul generiert und analysiert die vollstaendige Komponentenliste aller Software-Abhaengigkeiten. Es dient der Compliance, Sicherheit und Supply-Chain-Transparenz.

Generator

Syft (Primary), Trivy (Validation)

Format

CycloneDX 1.5, SPDX

Retention

5 Jahre (Compliance)

) }

/**
 * Full static SBOM documentation, in five numbered sections: overview,
 * generation flow (ASCII diagram in a template literal), covered component
 * types, licence policy, and retention/compliance.
 *
 * Takes no props; all content is literal text.
 *
 * NOTE(review): the component table is illustrative text, not an inventory
 * produced from the SBOM. If the "jwt-go" example reflects a real dependency
 * and refers to github.com/dgrijalva/jwt-go, that module is archived upstream
 * and superseded by github.com/golang-jwt/jwt; verify against go.sum.
 * NOTE(review): the diagram shows CycloneDX as the only output format, while
 * DocsSummary in this file also lists SPDX.
 * NOTE(review): section 5 has a heading but no body in this listing; it may
 * have been lost with the stripped markup.
 */
function DocsFullContent() { return (

Software Bill of Materials (SBOM)

1. Uebersicht

Das SBOM-Modul generiert und analysiert die vollstaendige Komponentenliste aller Software-Abhaengigkeiten. Es dient der Compliance, Sicherheit und Supply-Chain-Transparenz.

2. SBOM-Generierung

{`Source Code
     |
     v
+---------------------------------------------------------------+
|                     SBOM Generators                           |
|  +-------------+  +-------------+  +---------------------+   |
|  |    Syft     |  |   Trivy     |  |  Native Tooling     |   |
|  |  (Primary)  |  | (Validation)|  | (npm, go mod, pip)  |   |
|  +------+------+  +------+------+  +----------+----------+   |
+---------+----------------+--------------------+---------------+
          |                |                    |
          +----------------+--------------------+
                           |
                           v
                  +----------------+
                  |   CycloneDX    |
                  |    Format      |
                  +----------------+`}
      

3. Erfasste Komponenten

Typ Quelle Beispiele
npm packagespackage-lock.jsonreact, next, tailwindcss
Go modulesgo.sumgin, gorm, jwt-go
Python packagesrequirements.txtfastapi, pydantic, httpx
Container ImagesDockerfilenode:20-alpine, postgres:16
OS Packagesapk, aptopenssl, libpq

4. License Compliance

Kategorie Lizenzen Status
Permissive (erlaubt)MIT, Apache 2.0, BSD, ISCOK
Weak CopyleftLGPL, MPLReview
Strong CopyleftGPL, AGPLNicht erlaubt
ProprietaerCommercialGenehmigung

5. Aufbewahrung & Compliance

) }