sbom4rpms


- Name: sbom4rpms
- Version: 0.0.2
- home_page: None
- Summary: None
- upload_time: 2024-04-22 15:53:59
- maintainer: None
- docs_url: None
- author: None
- requires_python: >=3.9
- license: None
- keywords: sbom, rpm, generation
- requirements: No requirements were recorded.

# SBOM for RPM

`SBOM4RPM` uses existing `rpm` and `dnf` features to resolve all dependencies of one or multiple RPM packages and generates an SBOM for each `.rpm`. 

## Usage

Start a container for building the custom RPM project and mount its directory into it. For example:
```bash
podman run -it -v <path-to-project>:/var/<your-project> <build-container> /bin/bash
```

Proceed by building the custom RPM project and creating a repomd (XML-based RPM metadata) repository for your output directory:
```bash
# assuming all rpms have been put into '/tmp/custom-artifacts'
createrepo_c /tmp/custom-artifacts
```

Then install and run `SBOM4RPMs`:

```bash
pip install sbom4rpms
sbom4rpms --rpm-dir=/tmp/custom-artifacts/ --collect-dependencies --sbom-format=spdx --sbom-dir=sboms
```
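
The install step above pulls whatever PyPI serves for `sbom4rpms`. The following added example (not code from the sbom4rpms project) pins version 0.0.2 to the two sha256 digests listed in this page's release metadata; the helper names `write_pinned_requirements`, `verify_sha256` and `install_pinned` are hypothetical.

```shell
#!/bin/sh
# Added example: hash-pinned install of sbom4rpms 0.0.2.
set -eu

# sha256 digests copied from this page's release metadata for version 0.0.2.
WHEEL_SHA256="b576edc56150412c8da6482095773dfd80f0443397431ad8c1b1fdc9a39ccde2"
SDIST_SHA256="03414e58ec67b29ac518bbbb15457d0456b00fa0dc4b21ef462fa5aa10140af8"

# Hypothetical helper: write a requirements file that pins the version and
# accepts only the two published artifacts (wheel and sdist).
write_pinned_requirements() {
    printf 'sbom4rpms==0.0.2 \\\n    --hash=sha256:%s \\\n    --hash=sha256:%s\n' \
        "$WHEEL_SHA256" "$SDIST_SHA256" > "$1"
}

# Hypothetical helper: succeed only if the file's sha256 equals the expected
# digest. A missing or unreadable file yields an empty digest and fails.
verify_sha256() {
    vs_actual="$(sha256sum "$1" 2>/dev/null | cut -d' ' -f1)"
    [ "$vs_actual" = "$2" ]
}

# In --require-hashes mode pip rejects every requirement, dependencies
# included, that is not pinned with == and a hash. If the install reports
# unpinned dependencies, add them to the requirements file the same way.
install_pinned() {
    write_pinned_requirements "$1"
    pip install --require-hashes -r "$1"
}

# Install only when explicitly asked, so running the file has no side effects.
if [ "${1:-}" = "--install" ]; then
    install_pinned "${2:-requirements.txt}"
fi
```

`verify_sha256` can also be used on an artifact fetched separately, for example into an offline build container, before it is installed.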

## Example: BlueChi

The [example directory](https://github.com/engelmi/sbom4rpm/tree/main/example) provides collected data and generated SBOMs for [BlueChi](https://github.com/eclipse-bluechi/bluechi/). 

            

Raw data

{
    "_id": null,
    "home_page": null,
    "name": "sbom4rpms",
    "maintainer": null,
    "docs_url": null,
    "requires_python": ">=3.9",
    "maintainer_email": "Michael Engel <mengel@redhat.com>",
    "keywords": "SBOM, RPM, Generation",
    "author": null,
    "author_email": "Michael Engel <mengel@redhat.com>",
    "download_url": "https://files.pythonhosted.org/packages/ba/8e/3d9171bc7a272b0547d5a617b9c33579b40118d02399400727741aedc924/sbom4rpms-0.0.2.tar.gz",
    "platform": null,
    "bugtrack_url": null,
    "license": null,
    "summary": null,
    "version": "0.0.2",
    "project_urls": {
        "Documentation": "https://github.com/engelmi/sbom-for-https://github.com/engelmi/sbom4rpm/issues",
        "Homepage": "https://github.com/engelmi/sbom-for-rpms",
        "Issues": "https://github.com/engelmi/sbom4rpm/issues",
        "Repository": "https://github.com/engelmi/sbom4rpm.git"
    },
    "split_keywords": [
        "sbom",
        " rpm",
        " generation"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "f96fbfe5da0b543b479e4b47a99f3ac59ff3024e97d08dabb990dd09be87b932",
                "md5": "433cb2793ecf6f2b43b29b2683a21251",
                "sha256": "b576edc56150412c8da6482095773dfd80f0443397431ad8c1b1fdc9a39ccde2"
            },
            "downloads": -1,
            "filename": "sbom4rpms-0.0.2-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "433cb2793ecf6f2b43b29b2683a21251",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": ">=3.9",
            "size": 14902,
            "upload_time": "2024-04-22T15:53:57",
            "upload_time_iso_8601": "2024-04-22T15:53:57.700046Z",
            "url": "https://files.pythonhosted.org/packages/f9/6f/bfe5da0b543b479e4b47a99f3ac59ff3024e97d08dabb990dd09be87b932/sbom4rpms-0.0.2-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "ba8e3d9171bc7a272b0547d5a617b9c33579b40118d02399400727741aedc924",
                "md5": "5ade67c922e09b739a82683b3e99c88d",
                "sha256": "03414e58ec67b29ac518bbbb15457d0456b00fa0dc4b21ef462fa5aa10140af8"
            },
            "downloads": -1,
            "filename": "sbom4rpms-0.0.2.tar.gz",
            "has_sig": false,
            "md5_digest": "5ade67c922e09b739a82683b3e99c88d",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": ">=3.9",
            "size": 10859,
            "upload_time": "2024-04-22T15:53:59",
            "upload_time_iso_8601": "2024-04-22T15:53:59.316876Z",
            "url": "https://files.pythonhosted.org/packages/ba/8e/3d9171bc7a272b0547d5a617b9c33579b40118d02399400727741aedc924/sbom4rpms-0.0.2.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-04-22 15:53:59",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "engelmi",
    "github_project": "sbom-for-https:",
    "github_not_found": true,
    "lcname": "sbom4rpms"
}