| Name | mobster JSON |
| Version |
0.5.0
JSON |
| download |
| home_page | None |
| Summary | A tool for generating and managing Software Bill of Materials (SBOM). |
| upload_time | 2025-07-14 11:21:44 |
| maintainer | None |
| docs_url | None |
| author | Ales Raszka |
| requires_python | <4.0,>=3.10 |
| license | Apache-2.0 |
| keywords |
sbom
spdx
cyclonedx
security
|
| VCS |
 |
| bugtrack_url |
|
| requirements |
No requirements were recorded.
|
| Travis-CI |
No Travis.
|
| coveralls test coverage |
No coveralls.
|
# Mobster
The Mobster project is a Python-based tool and ecosystem to
work with SBOM (Software Bill of Materials) documents. Its goal is to provide
unified interface for generating, manipulating and consuming SBOM documents
in various formats.
The tools is designed to cover a whole lifecycle of SBOM documents.
The major stages are:
- **Generation**: Generate SBOMs document from various sources (Syft, Hermeto, etc.)
- **Augmentation**: Augment SBOM documents with additional information that are not
present in the phase of generation. This phase is usually done in the
release phase where we know more information about the software.
- **Validation**: Validate a quality of the SBOM document in different stages
of the lifecycle. The validation is done by the [Product Security team
guidelies](https://github.com/RedHatProductSecurity/security-data-guidelines/tree/main).
- **Distribution**: Distribute the SBOM document to various set of locations (e.g. Trusted
Profile Analyzer, container registry, etc.)
## Getting started
To use the Mobster tool, you need to install it first. There are multiple ways to isnstall
the tool:
### Using pip
```bash
pip install mobster
mobster --help
```
### Using container image
```bash
podman pull quay.io/konflux-ci/mobster:latest
podman run -it quay.io/konflux-ci/mobster:latest mobster --help
```
## Development environment
Follow an instruction in the [development-environment.md](docs/development-environment.md)
file to set up your development environment.
## Contributing
We welcome contributions to the Mobster project! If you would like to contribute, please follow these steps:
1. Fork the repository
2. Create a new branch for your feature or bug fix
3. Make your changes and commit them with a clear message (following the
[conventional commit](https://www.conventionalcommits.org/en/v1.0.0/) format)
(e.g. `feat: add new feature` or `fix: fix a bug`)
4. Open a pull request to the main repository
5. Make sure the CI checks pass and the code is properly formatted
6. Wait for the review and address any comments or suggestions
7. Once your changes are approved, they will be merged into the main branch
8. Congratulations! You have successfully contributed to the Mobster project
## Release process
The release process is automated using GitHub Actions and Konflux. The process
is described in detail in the [release.md](docs/release.md) file.
## Documentation
The documentation for the Mobster project is available in the [docs](/docs/) directory.
## License
This project is licensed under the Apache License 2.0. See the [LICENSE](LICENSE) file for details.
Raw data
{
"_id": null,
"home_page": null,
"name": "mobster",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.10",
"maintainer_email": null,
"keywords": "sbom, spdx, cyclonedx, security",
"author": "Ales Raszka",
"author_email": "araszka@redhat.com",
"download_url": "https://files.pythonhosted.org/packages/3c/e9/adc2905b4331e2eb23d59551033b24091f83dad96be63e6e280e232cd24d/mobster-0.5.0.tar.gz",
"platform": null,
"description": "# Mobster\n\nThe Mobster project is a Python-based tool and ecosystem to\nwork with SBOM (Software Bill of Materials) documents. Its goal is to provide\nunified interface for generating, manipulating and consuming SBOM documents\nin various formats.\n\nThe tools is designed to cover a whole lifecycle of SBOM documents.\nThe major stages are:\n\n- **Generation**: Generate SBOMs document from various sources (Syft, Hermeto, etc.)\n- **Augmentation**: Augment SBOM documents with additional information that are not\n present in the phase of generation. This phase is usually done in the\n release phase where we know more information about the software.\n- **Validation**: Validate a quality of the SBOM document in different stages\n of the lifecycle. The validation is done by the [Product Security team\n guidelies](https://github.com/RedHatProductSecurity/security-data-guidelines/tree/main).\n- **Distribution**: Distribute the SBOM document to various set of locations (e.g. Trusted\n Profile Analyzer, container registry, etc.)\n\n## Getting started\n\nTo use the Mobster tool, you need to install it first. There are multiple ways to isnstall\nthe tool:\n\n### Using pip\n\n```bash\npip install mobster\nmobster --help\n```\n### Using container image\n\n```bash\npodman pull quay.io/konflux-ci/mobster:latest\npodman run -it quay.io/konflux-ci/mobster:latest mobster --help\n```\n\n## Development environment\n\nFollow an instruction in the [development-environment.md](docs/development-environment.md)\nfile to set up your development environment.\n\n\n## Contributing\nWe welcome contributions to the Mobster project! If you would like to contribute, please follow these steps:\n1. Fork the repository\n2. Create a new branch for your feature or bug fix\n3. Make your changes and commit them with a clear message (following the\n [conventional commit](https://www.conventionalcommits.org/en/v1.0.0/) format)\n (e.g. `feat: add new feature` or `fix: fix a bug`)\n4. Open a pull request to the main repository\n5. Make sure the CI checks pass and the code is properly formatted\n6. Wait for the review and address any comments or suggestions\n7. Once your changes are approved, they will be merged into the main branch\n8. Congratulations! You have successfully contributed to the Mobster project\n\n## Release process\nThe release process is automated using GitHub Actions and Konflux. The process\nis described in detail in the [release.md](docs/release.md) file.\n\n## Documentation\nThe documentation for the Mobster project is available in the [docs](/docs/) directory.\n\n## License\nThis project is licensed under the Apache License 2.0. See the [LICENSE](LICENSE) file for details.\n\n",
"bugtrack_url": null,
"license": "Apache-2.0",
"summary": "A tool for generating and managing Software Bill of Materials (SBOM).",
"version": "0.5.0",
"project_urls": {
"Repository": "https://github.com/konflux-ci/mobster"
},
"split_keywords": [
"sbom",
" spdx",
" cyclonedx",
" security"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "606fba915e5165552b9c60ee24de8d03ee2ff46a181839741a4070002337bd99",
"md5": "e5cfa2748a632c4830760f62de97b7e6",
"sha256": "f05c01f6833a27566e8e7f9b56a01ddd75d3e0232b28d3c71fa0bf89080759e4"
},
"downloads": -1,
"filename": "mobster-0.5.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "e5cfa2748a632c4830760f62de97b7e6",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.10",
"size": 69254,
"upload_time": "2025-07-14T11:21:43",
"upload_time_iso_8601": "2025-07-14T11:21:43.592583Z",
"url": "https://files.pythonhosted.org/packages/60/6f/ba915e5165552b9c60ee24de8d03ee2ff46a181839741a4070002337bd99/mobster-0.5.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "3ce9adc2905b4331e2eb23d59551033b24091f83dad96be63e6e280e232cd24d",
"md5": "da2a4c498e806579fb6929ab96cf9438",
"sha256": "6f1db54beee025451278dc802b77cb6c0c7ea4b37c082739a6d556594a4dd72d"
},
"downloads": -1,
"filename": "mobster-0.5.0.tar.gz",
"has_sig": false,
"md5_digest": "da2a4c498e806579fb6929ab96cf9438",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.10",
"size": 52789,
"upload_time": "2025-07-14T11:21:44",
"upload_time_iso_8601": "2025-07-14T11:21:44.815756Z",
"url": "https://files.pythonhosted.org/packages/3c/e9/adc2905b4331e2eb23d59551033b24091f83dad96be63e6e280e232cd24d/mobster-0.5.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-07-14 11:21:44",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "konflux-ci",
"github_project": "mobster",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"tox": true,
"lcname": "mobster"
}
