https://github.com/chains-project/bombom

grassroot bill of materials for linux

Science Score: 13.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (6.8%) to scientific vocabulary
Last synced: 9 months ago

Repository

grassroot bill of materials for linux

Basic Info
  • Host: GitHub
  • Owner: chains-project
  • Language: Python
  • Default Branch: main
  • Size: 6.84 KB
Statistics
  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • Open Issues: 0
  • Releases: 0
Created over 1 year ago · Last pushed over 1 year ago
Metadata Files
Readme

README.md

bombom - System Package Information Collector

A powerful Python tool for generating Software Bill of Materials (SBOM) from your Linux system.

🚀 Features

  • Collects package information from multiple sources:
    • System packages (dpkg)
    • Python packages (pip, pipx)
    • Applications (Flatpak, Docker)
    • Node.js packages (npm)
    • Snap packages
  • Tracks system component versions:
    • Kernel
    • Browsers (Firefox, Chrome)
    • Development tools (VS Code)
    • System services (DBus, Systemd)
  • Flexible output formats:
    • Individual text files
    • Combined tar archive

📋 Requirements

  • Python 3.6+
  • Linux system with any of these package managers:
    • apt/dpkg
    • pip
    • flatpak
    • snap
    • npm
    • docker

🔧 Installation

```bash
git clone https://github.com/monperrus/bombom.git
cd bombom
pip install -r requirements.txt
```

💻 Usage

Basic usage (saves files to ./__sbom__/):

```bash
python bombom.py
```

Advanced usage:

```bash
python bombom.py --tar | tar xz -C /path/to/dest
```

License

MIT

Owner

  • Name: CHAINS research project at KTH Royal Institute of Technology
  • Login: chains-project
  • Kind: organization

"Consistent Hardening and Analysis of Software Supply Chains" at KTH, funded by SSF

Committers

Last synced: about 1 year ago

All Time
  • Total Commits: 4
  • Total Committers: 1
  • Avg Commits per committer: 4.0
  • Development Distribution Score (DDS): 0.0
Past Year
  • Commits: 4
  • Committers: 1
  • Avg Commits per committer: 4.0
  • Development Distribution Score (DDS): 0.0
Top Committers
Name Email Commits
Martin Monperrus m****s@g****g 4

Issues and Pull Requests

Last synced: about 1 year ago

All Time
  • Total issues: 0
  • Total pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Total issue authors: 0
  • Total pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 0
  • Pull requests: 0
  • Average time to close issues: N/A
  • Average time to close pull requests: N/A
  • Issue authors: 0
  • Pull request authors: 0
  • Average comments per issue: 0
  • Average comments per pull request: 0
  • Merged pull requests: 0
  • Bot issues: 0
  • Bot pull requests: 0

Dependencies

requirements.txt pypi
  • pkg_resources *