7 Resources
Golang sbom Libraries
CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.
depsdev CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security sig
Sbom-operator - Catalogue all images of a Kubernetes cluster to multiple targets with Syft
sbom-operator Catalogue all images of a Kubernetes cluster to multiple targets w
Example goreleaser + github actions config with keyless signing and SBOM generation
supply-chain-example GoReleaser + Go Mod proxying + Cosign keyless signing + Syft SBOM generation example. How it works GoReleaser manages the entire
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
A CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability dete
A Cloud Native Buildpack that contributes the Syft CLI which can be used to generate SBoM information
gcr.io/paketo-buildpacks/syft The Paketo Syft Buildpack is a Cloud Native Buildpack that contributes the Syft CLI which can be used to generate SBoM i
Support CI generation of SBOMs via golang tooling.
SPDX Software Bill of Materials (SBOM) Generator Overview Software Package Data Exchange (SPDX) is an open standard for communicating software bill of
Support CI generation of SBOMs via golang tooling.
Software Package Data Exchange (SPDX) is an open standard for communicating software bill of materials (SBOM) information that supports accurate identification of software components, explicit mapping of relationships between components, and the association of security and licensing information with each component.