Bug#1122577: ITP: debsbom -- Software Bill of Materials generator for distributions based on Debian
Package: wnpp
Severity: wishlist
Owner: Felix Moessbauer <felix.moessbauer@siemens.com>
X-Debbugs-Cc: debian-devel@lists.debian.org
* Package name    : debsbom
  Version         : 0.5.1
  Upstream Contact: Felix Moessbauer <felix.moessbauer@siemens.com>
* URL             : https://github.com/siemens/debsbom
* License         : MIT
  Programming Lang: Python
  Description     : Software Bill of Materials generator for distributions based on Debian
debsbom generates SBOMs (Software Bill of Materials) for distributions based on Debian in the two standard formats SPDX and CycloneDX.
The generated SBOM includes all installed binary packages and also contains Debian Source packages.
While the package is still quite young, it already has some known
adoption within the Debian community. It also is the first SBOM
generator (we know of) that fully integrates with the Debian tooling
(dpkg and apt) and that is packageable in Debian.
All needed dependencies are already in sid.
The package further has extensive documentation and clearly documents
design decisions regarding HOW to fill in the various format fields.
This can further be used to work on remaining gaps in Debian to generate
"perfect" SBOMs from the list of installed packages.
I plan to maintain it under the Debian Python Team.
Best regards,
Felix Moessbauer
Siemens AG