Do You Need an SBOM?

1. bom-examples

   1 1 193 3.8

   A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)

   

   We won't dive deep, but here's a component listing for the @babel/polyfill NodeJS module from the ProtonMail web client's SBOM in CycloneDX's examples repository. It provides a variety of information about the component, including a published hash for that release that can be used to verify the authenticity of the component.

2. Nutrient

   www.nutrient.io featured

   Nutrient – The #1 PDF SDK Library, trusted by 10K+ developers. Other PDF SDKs promise a lot - then break. Laggy scrolling, poor mobile UX, tons of bugs, and lack of support cost you endless frustrations. Nutrient’s SDK handles billion-page workloads - so you don’t have to debug PDFs. Used by ~1 billion end users in more than 150 different countries.

   

3. Babel (Formerly 6to5)

   2 61 43,442 9.7 TypeScript

   🐠 Babel is a compiler for writing next generation JavaScript.

   

4. cyclonedx-maven-plugin

   3 13 313 7.9 Java

   Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects

   

   There are a number of SBOM standards, but we'll focus on the CycloneDX standard here. CycloneDX grew out of the Open Web Application Security Project (OWASP), is licensed under Creative Commons Zero v1 (think a "public domain" license formulated to meet the laws of many countries), and is a widely known and respected standard.

5. babel-sublime

   4 158 3,255 0.0 JavaScript

   Syntax definitions for ES6 JavaScript with React JSX extensions.

   

Suggest a related project