Package Info

spdx-sbom-generator

install

SPDX Software Bill of Materials (SBOM) Generator

Unspecified
The spdx-sbom-generator tool helps those in the community that want to
generate SPDX Software Bill of Materials (SBOMs) with current package
managers.


It has a command line Interface (CLI) that lets you generate SBOM
information, including components, licenses, copyrights, and security
references of your software using SPDX v2.2 specification and aligning
with the current known minimum elements from NTIA. It automatically
determines which package managers or build systems are actually being
used by the software.


spdx-sbom-generator is supporting the following (bundling) package managers:


    

  • GoMod (go)
    • 

  • Cargo (Rust)
    • 

  • Composer (PHP)
    • 

  • DotNet (.NET)
    • 

  • Maven (Java)
    • 

  • NPM (Node.js)
    • 

  • Yarn (Node.js)
    • 

  • PIP (Python)
    • 

  • Pipenv (Python)
    • 

  • Gems (Ruby)
    • 

  • Swift Package Manager (Swift)
    •
License: Apache-2.0 AND CC-BY-4.0
URL: https://github.com/opensbom-generator/spdx-sbom-generator

Categories

Unspecified

Releases

Package Version Update ID Released Package Hub Version Platforms Subpackages
0.0.13-bp156.2.16 info GA Release 2024-04-16 15 SP6
  • AArch64
  • ppc64le
  • s390x
  • x86-64
  • spdx-sbom-generator
0.0.13-bp155.1.11 info GA Release 2023-05-17 15 SP5
  • AArch64
  • ppc64le
  • s390x
  • x86-64
  • spdx-sbom-generator