Skip to main content

No project description provided

Project description

SBOM for RPM

SBOM4RPM uses existing rpm and dnf features to resolve all dependencies of one or multiple RPM packages and generates an SBOM for each .rpm.

Usage

Start a container for building the custom RPM project and mount its directory into it. For example:

podman run -it -v <path-to-project>:/var/<your-project> <build-container> /bin/bash

Proceed by building the custom RPM project and create a repomd (xml-based rpm metadata) repository for your output directory:

# assuming all rpms have been put into '/tmp/custom-artifacts'
createrepo_c /tmp/custom-artifacts

Then install and run SBOM4RPMs:

pip install sbom4rpms
sbom4rpms --rpm-dir=/tmp/custom-artifacts/ --collect-dependencies --sbom-format=spdx --sbom-dir=sboms

Example: BlueChi

The example directory provides collected data and generated SBOMs for BlueChi.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

sbom4rpms-0.0.2.tar.gz (10.9 kB view details)

Uploaded Source

Built Distribution

sbom4rpms-0.0.2-py3-none-any.whl (14.9 kB view details)

Uploaded Python 3

File details

Details for the file sbom4rpms-0.0.2.tar.gz.

File metadata

  • Download URL: sbom4rpms-0.0.2.tar.gz
  • Upload date:
  • Size: 10.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.0.0 CPython/3.12.3

File hashes

Hashes for sbom4rpms-0.0.2.tar.gz
Algorithm Hash digest
SHA256 03414e58ec67b29ac518bbbb15457d0456b00fa0dc4b21ef462fa5aa10140af8
MD5 5ade67c922e09b739a82683b3e99c88d
BLAKE2b-256 ba8e3d9171bc7a272b0547d5a617b9c33579b40118d02399400727741aedc924

See more details on using hashes here.

Provenance

File details

Details for the file sbom4rpms-0.0.2-py3-none-any.whl.

File metadata

  • Download URL: sbom4rpms-0.0.2-py3-none-any.whl
  • Upload date:
  • Size: 14.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.0.0 CPython/3.12.3

File hashes

Hashes for sbom4rpms-0.0.2-py3-none-any.whl
Algorithm Hash digest
SHA256 b576edc56150412c8da6482095773dfd80f0443397431ad8c1b1fdc9a39ccde2
MD5 433cb2793ecf6f2b43b29b2683a21251
BLAKE2b-256 f96fbfe5da0b543b479e4b47a99f3ac59ff3024e97d08dabb990dd09be87b932

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page