Skip to main content

CycloneDX software bill-of-material (SBOM) generation utility

Project description

Build Status License Website PyPI Group Discussion Twitter

CycloneDX Python Module

The CycloneDX module for Python creates a valid CycloneDX bill-of-material document containing an aggregate of all project dependencies. CycloneDX is a lightweight BOM specification that is easily created, human readable, and simple to parse.



A bill-of-material such as CycloneDX expects exact version numbers. Therefore requirements.txt must be frozen. This can be accomplished via:

$ pip freeze > requirements.txt


$ pip install cyclonedx-bom


By default, requirements.txt will be read from the current working directory and the resulting bom.xml will also be created in the current working directory. These options can be overwritten as follows:

$ cyclonedx-py
  Usage:  cyclonedx-py [OPTIONS]
    -i <path> - the alternate filename to a frozen requirements.txt
    -o <path> - the bom file to create


Permission to modify and redistribute is granted under the terms of the Apache 2.0 license.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for cyclonedx-bom, version 0.3.5
Filename, size File type Python version Upload date Hashes
Filename, size cyclonedx_bom-0.3.5-py2.py3-none-any.whl (20.9 kB) File type Wheel Python version py2.py3 Upload date Hashes View
Filename, size cyclonedx-bom-0.3.5.tar.gz (5.5 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page