SBOMs - Anywhere?

Bernhard M. Wiedemann bernhardout at
Fri Mar 3 10:26:10 UTC 2023

On 25/02/2023 16.56, Anthony Harrison wrote:
> More tools are in the pipeline, including one to generate an SBOM from 
> an installed platform distribution or package (currently works for 
> Debian systems, work in progress for RPM based systems) and an audit 
> tool. I hope to publish these in the next couple of weeks.

I want to mention that we can already generate [1] and publish [2] SBOMs 
in our Open-Build-Service to meet SLSA level4 requirements.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the rb-general mailing list