Skip to main content
cancel
Showing results for 
Search instead for 
Did you mean: 

Grow your Fabric skills and prepare for the DP-600 certification exam by completing the latest Microsoft Fabric challenge.

Reply
ECorona
Frequent Visitor

Does it make sense try to make a SBOM file for Power BI Custom Connector?

I'm, making a custom connector for the company I work for, but based on the DevOps and TI deparments, If I want share the connector be used in the company I must meet certain requeriments and one of the is a SBOM file to determinate everything is ok.

But is it possible or makes sense generate a SBOM file for a custom connector?, TBH, I don't know if is possible or makes sense, having in mind that:

  • You can see the source code of custom and certified connectors just unzipping the .mez/.pqx file.
  • The connector needs Power BI Desktop to be used or perform something. 
  • At least with my knowledge, I don't know if you can do something "harmful" using Power Query M language in terms of using the language.
  • I cannot think in any dependency for the connector. 

Besides that, is there a way of do the SBOM file for a custom connector? 

1 REPLY 1
lbendlin
Super User
Super User

At least with my knowledge, I don't know if you can do something "harmful" using Power Query M language in terms of using the language.

Unfortunately, that is possible. Depending on the scope of the credentials used in the connector your native query can include insert/delete/update etc statements affecting your data source. Power Query can also run Python and R scripts that can equally contain destructive payloads.

Helpful resources

Announcements
RTI Forums Carousel3

New forum boards available in Real-Time Intelligence.

Ask questions in Eventhouse and KQL, Eventstream, and Reflex.

MayPowerBICarousel

Power BI Monthly Update - May 2024

Check out the May 2024 Power BI update to learn about new features.