Add a sbom_generator command-line tool. #170

licquia · 2021-06-15T13:43:06Z

This tool generates a SPDX software bill of materials (SBOM)
from a Python project. It's intended to make it easy to generate
SBOMs from Python projects with a simple dev dependency and a single
command.

This tool generates a SPDX software bill of materials (SBOM) from a Python project. It's intended to make it easy to generate SBOMs from Python projects with a simple dev dependency and a single command. Signed-off-by: Jeff Licquia <licquia@linuxfoundation.org>

pombredanne

@licquia Thanks! that's great but IMHO:

this would be best in the examples directory or a separate repo especially since this is making outgoing networks calls on a whole current installation. That would need to be documented too.
This would benefit from some doc and tests
This introduces an undeclared dependency with importlib_metadata

pombredanne · 2021-07-28T15:24:06Z

Gentle ping.

licquia · 2021-09-20T13:36:28Z

Yes, sorry for not following up. Since development on this and on the original tool have both moved on, I'm going to submit a new PR for this.

licquia mentioned this pull request Jun 15, 2021

Add sbom_generator command-line tool #171

Open

pombredanne requested changes Jun 15, 2021

View reviewed changes

Merge branch 'master' into sbom_cli

b1dfbe9

Merge branch 'main' into sbom_cli

f892fc7

licquia closed this Sep 20, 2021

licquia mentioned this pull request Sep 20, 2021

Add a SBOM command-line generator tool. #191

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add a sbom_generator command-line tool. #170

Add a sbom_generator command-line tool. #170

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Add a sbom_generator command-line tool. #170

Add a sbom_generator command-line tool. #170

Uh oh!

Conversation

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!