How to Generate SBOM for Python Projects

Can Özkan
Nov 28, 2023


In the dynamic realm of Python development, where dependency trees quickly grow complex, the need for transparency and security has never been more critical. Enter the Software Bill of Materials (SBOM), a powerful tool that unveils the composition of a Python project, laying bare the components that contribute to its functionality. In this blog post I’ll discuss generating SBOM files for Python projects.

Link for the sample application: https://github.com/anil-yelken/Vulnerable-Flask-App

Installation of Cyclonedx Python

SBOM Generation

Command: cyclonedx-py --requirements --format json -o <my_sbom.json>

The --requirements flag builds the SBOM from the project's requirements.txt, --format json selects CycloneDX JSON output, and -o names the output file.

You have successfully generated your SBOM file in JSON format.
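Generating the file is only half the job; a practitioner will want to confirm that the SBOM actually reflects the declared dependencies. The following script is an added example written for this post (not part of the original article or of the cyclonedx-py project): it reads a CycloneDX JSON document of the shape cyclonedx-py emits, compares it with the requirements.txt it was generated from, and reports pins that are missing or recorded with a different version, plus requirement lines that are not exact pins and so cannot be verified. The sample SBOM and requirements text are constructed inline so the script runs offline.

```python
# Compare a CycloneDX JSON SBOM (the shape cyclonedx-py emits) with the
# requirements.txt it was generated from: every '==' pin must appear as a
# component with the same version; lines that are not exact pins are reported.
import json
import re

# Constructed sample SBOM, trimmed to the CycloneDX fields this check reads.
SAMPLE_SBOM = json.dumps({"bomFormat": "CycloneDX", "specVersion": "1.4", "components": [
    {"type": "library", "name": "Flask", "version": "2.0.1", "purl": "pkg:pypi/flask@2.0.1"},
    {"type": "library", "name": "Werkzeug", "version": "2.0.3", "purl": "pkg:pypi/werkzeug@2.0.3"},
]})

# Constructed requirements.txt: one pin that matches, one that does not, one unpinned line.
SAMPLE_REQUIREMENTS = "# web framework\nFlask==2.0.1\nWerkzeug==2.0.2\nrequests>=2.25\n"

def normalize(name):
    """PEP 503 name normalisation so 'Flask' and 'flask' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def sbom_components(sbom_text):
    """Map normalised component name -> version from a CycloneDX JSON document."""
    bom = json.loads(sbom_text)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document")
    return {normalize(c["name"]): c.get("version") for c in bom.get("components", [])}

def parse_requirements(text):
    """Return ({name: version} for '==' pins, [lines that are not exact pins])."""
    pinned, unpinned = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if not line:
            continue
        m = re.match(r"^([A-Za-z0-9][A-Za-z0-9._-]*)==([^\s;]+)$", line)
        if m:
            pinned[normalize(m.group(1))] = m.group(2)
        else:
            unpinned.append(line)
    return pinned, unpinned

def check_sbom(sbom_text, requirements_text):
    """Return ({name: (pinned, in_sbom)} for mismatches, [unpinned lines])."""
    components = sbom_components(sbom_text)
    pinned, unpinned = parse_requirements(requirements_text)
    mismatches = {n: (v, components.get(n)) for n, v in pinned.items() if components.get(n) != v}
    return mismatches, unpinned

if __name__ == "__main__":
    print(check_sbom(SAMPLE_SBOM, SAMPLE_REQUIREMENTS))
```

Point it at the real files by replacing the two constructed strings with the contents of the generated SBOM and your requirements.txt; a non-empty mismatch dictionary means the SBOM and the declared dependencies have drifted apart.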

This work has been supported in part by the Energy Transition Fund of the FPS Economy of Belgium through the CYPRESS project, and in part by the VLAIO COOCK program through the IIoT-SBOM project.

Thanks for reading.

Can Özkan

Security Researcher, Penetration Tester, and Reverse Engineer