CycloneDX/bom-examples

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/CycloneDX/bom-examples)

CycloneDX / bom-examples

A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)

☆218

Alternatives and similar repositories for bom-examples

Users that are interested in bom-examples are comparing it to the libraries listed below

Sorting:

CycloneDX / specification
View on GitHub
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…
☆487Updated this week
spdx / spdx-examples
View on GitHub
Examples of SPDX files for software combinations
☆143Nov 15, 2025Updated 4 months ago
CycloneDX / cyclonedx-cli
View on GitHub
CycloneDX CLI tool for SBOM analysis, merging, diffs and format conversions.
☆470Feb 10, 2026Updated last month
interlynk-io / sbomqs
View on GitHub
sbomqs: The Comprehensive SBOM Quality & Compliance Tool
☆271Updated this week
CycloneDX / cyclonedx-python-lib
View on GitHub
Functionality and DataModels of OWASP CycloneDX for Python
☆103Mar 13, 2026Updated last week
oasis-tcs / csaf
View on GitHub
OASIS CSAF TC: Supporting version control for Work Product artifacts developed by members of TC, including prose specifications and secon…
☆211Updated this week
chainguard-sandbox / bom-shelter
View on GitHub
A place to systematically store software bill of materials (SBOM) documents.
☆50Jun 1, 2023Updated 2 years ago
CycloneDX / cyclonedx-bom-repo-server
View on GitHub
A BOM repository server for distributing CycloneDX BOMs
☆87Jul 1, 2025Updated 8 months ago
CERTCC / SBOM
View on GitHub
Examples and proof-of-concept for Software Bill of Materials (SBOM) code & data
☆67Apr 8, 2024Updated last year
eBay / sbom-scorecard
View on GitHub
Generate a score for your sbom to understand if it will actually be useful.
☆239Aug 13, 2024Updated last year
sbomtools / apt2sbom
View on GitHub
apt2sbom python package generates SPDX or CycloneDX files from Ubuntu APT and Python packaging information
☆25Feb 4, 2022Updated 4 years ago
package-url / purl-spec
View on GitHub
A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
☆992Mar 11, 2026Updated last week
CycloneDX / transparency-exchange-api
View on GitHub
A standard API specification for exchanging supply chain artifacts and intelligence
☆103Mar 13, 2026Updated last week
nyph-infosec / daggerboard
View on GitHub
☆102Sep 27, 2024Updated last year
devops-kung-fu / bomber
View on GitHub
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
☆606Feb 10, 2026Updated last month
OpenEoX / openeox
View on GitHub
This project aims to standardize the representation and management of EOL and EOS product information across the industry.
☆30Mar 4, 2024Updated 2 years ago
cdxgen / cdxgen
View on GitHub
Creates CycloneDX Bill of Materials (BOM) for your projects from source and container images. Supports many languages and package manager…
☆919Updated this week
spdx / cdx2spdx
View on GitHub
Utility that converts SBOM documents from CycloneDX to SPDX
☆33Jan 19, 2024Updated 2 years ago
ossf / sbom-everywhere
View on GitHub
Improve Software Bill of Materials (SBOM) tooling and training to encourage adoption
☆111Feb 28, 2026Updated 2 weeks ago
awesomeSBOM / awesome-sbom
View on GitHub
A curated list of SBOM (Software Bill Of Materials) related tools, frameworks, blogs, podcasts, and articles
☆572May 20, 2025Updated 10 months ago
spdx / spdx-online-tools
View on GitHub
Source for the website providing online SPDX tools
☆72Dec 28, 2025Updated 2 months ago
CycloneDX / sbom-utility
View on GitHub
Utility that provides an API platform for validating, querying and managing BOM data
☆128Jan 2, 2026Updated 2 months ago
bomctl / bomctl
View on GitHub
Format agnostic SBOM tooling
☆133Nov 20, 2025Updated 4 months ago
csaf-tools / CVRF-CSAF-Converter
View on GitHub
A CVRF CSAF Converter, taking care about OASIS specification.
☆10Jun 4, 2025Updated 9 months ago
scanoss / purl2cpe
View on GitHub
PURL to CPE Relationship mapping project.
☆111Updated this week
protobom / protobom
View on GitHub
A universal SBOM representation in protocol buffers
☆320Mar 2, 2026Updated 2 weeks ago
spdx / spdx-to-osv
View on GitHub
Produce an Open Source Vulnerability JSON file based on information in an SPDX document
☆65May 27, 2024Updated last year
openvex / spec
View on GitHub
OpenVEX Specification
☆169Jan 16, 2026Updated 2 months ago
CycloneDX / cyclonedx-python
View on GitHub
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
☆362Updated this week
opensbom-generator / spdx-sbom-generator
View on GitHub
Support CI generation of SBOMs via golang tooling.
☆424Jan 13, 2025Updated last year
ossf / osv-schema
View on GitHub
Open Source Vulnerability schema.
☆240Updated this week
advanced-security / gh-sbom
View on GitHub
Generate SBOMs with gh CLI
☆199May 30, 2025Updated 9 months ago
guacsec / guac
View on GitHub
GUAC aggregates software security metadata into a high fidelity graph database.
☆1,454Updated this week
act-project / TAC
View on GitHub
Automating Compliance Tooling Project
☆22Jan 28, 2022Updated 4 years ago
bgnetworks / meta-dependencytrack
View on GitHub
A Yocto meta-layer for generating CycloneDX SBOMs and automatically uploading them to Dependency Track.
☆21May 24, 2024Updated last year
IBM / CBOM
View on GitHub
Cryptography Bill of Materials
☆101Sep 17, 2025Updated 6 months ago
opencybersecurityalliance / PACE
View on GitHub
Posture Attribute Collection and Evaluation
☆23Jun 20, 2023Updated 2 years ago
carabiner-dev / ampel
View on GitHub
🔴🟡🟢 The Amazing Multipurpose Policy Engine (and L)
☆39Mar 13, 2026Updated last week
CycloneDX / license-scanner
View on GitHub
Utility that provides an API and CLI to identify licenses and legal terms
☆52Jul 11, 2025Updated 8 months ago