CycloneDX SBOM Generation Tool for Python
This tool generates Software Bill of Materials (SBOM) documents in OWASP CycloneDX format.
Supported data sources are:
- Python (virtual) environment
- Poetry manifest and lockfile
- Pipenv manifest and lockfile
- Pip’s requirements file format
Based on the criteria of the OWASP Software Component Verification Standard for Software Bill of Materials, this tool can produce SBOM documents that almost pass Level-2 (only signing needs to be done externally).
- Python support
- Upgrading to v4