Apt2sbom python package generates SPDX or YAML files

Related tags

Configurationapt2sbom
Overview

Welcome to apt2sbom

This package contains a library and a CLI tool to convert a Ubuntu software package inventory to a software bill of materials. You are in the wrong place if you are not running Ubuntu.

The package is under active development. Don't be surprised if something doesn't work quite right. please see CONTRIBUTING.md for details.

Building

Building is easy:

  1. Bop the version on setup.cfg
  2. python3 -m build -w
  3. cd dist
  4. pip3 install that file

Do this, of course, on a Ubuntu system.

Usage

To use the CLI tool:

% apt2sbom (--json|--yaml|--cyclonedx [--pip])

Will produce either JSON or YAML forms of an SPDX file, or the JSON form of a CycloneDX file . There is no default. Pick one.

To include python packages, add --pip.

There is also a werkzeug interface so that an SBOM file can be delivered via HTTP. To use, create a simple wsgi file as follows:

from apt2sbom.wsbom import app as application  
application = create_app(\_name\_)

and call that file from your httpd. An apache example follows:

WSGIScriptAlias /.well-known/sbom /usr/lib/cgi-bin/sbom.wsgi
WSGIPassAuthorization On

When this is done, a very simple password file is expected in /etc/sbom.users:

{
   "user" : "password",
   "otheruser" : "otherpassword",
    ...
}

The passwords aren't hashed. This is clearly something that has to be addressed in the future.

The type of SBOM returned depends on the Accepts: header sent.

Owner
Eliot Lear
IoT scaredy cat. Jack of all CS trades, and master of none.
Eliot Lear
GitHub Repository
Hydra is a framework for elegantly configuring complex applications

Python Decouple: Strict separation of settings from code Decouple helps you to organize your settings so that you can change parameters without having

Facebook Research 6.6k Jan 04, 2023
Chinese-specific configuration to improve your favorite DNS server

Dnsmasq-china-list - Chinese-specific configuration to improve your favorite DNS server. Best partner for chnroutes.

Felix Yan 4.6k Jan 03, 2023
Configuration Management for Python ⚙

dynaconf - Configuration Management for Python. Features Inspired by the 12-factor application guide Settings management (default values, validation,

Bruno Rocha 2.8k Jan 06, 2023
A modern simfile parsing & editing library for Python 3

A modern simfile parsing & editing library for Python 3

ash garcia 38 Nov 01, 2022
environs is a Python library for parsing environment variables.

environs: simplified environment variable parsing environs is a Python library for parsing environment variables. It allows you to store configuration

Steven Loria 920 Jan 04, 2023
Napalm-vs-openconfig - Comparison of NAPALM and OpenConfig YANG with NETCONF transport

NAPALM vs NETCONF/OPENCONFIG Abstracts Multi vendor network management and autom

Anton Karneliuk 1 Jan 17, 2022
Scooch Configures Object Oriented Class Hierarchies for python

Scooch Scooch Configures Object Oriented Class Hierarchies for python. A good place to start with Scooch is at the documentation found here. Scooch is

Pandora Media, Inc. 6 Dec 20, 2022
Configuration for Python planets

Configuration for Python planets

Python 127 Dec 16, 2022
KConfig Browser is a graphical application which allows you to modify KDE configuration files found in ~/.config

kconfig_browser KConfig Browser is a graphical application which allows you to modify KDE configuration files found in ~/.config Screenshot Why I crea

11 Sep 15, 2022
Sync any your configuration file to remote. Currently only support gist.

Sync your configuration to remote, such as vimrc. You can use EscSync to manage your configure of editor, shell, etc.

Me1onRind 0 Nov 21, 2022
Config files for my GitHub profile.

Config files for my GitHub profile.

Lukas Sales 7 May 17, 2022
A YAML validator for Programming Historian lessons.

phyaml A simple YAML validator for Programming Historian lessons. USAGE: python3 ph-lesson-yaml-validator.py lesson.md The script automatically detect

Riva Quiroga 1 Nov 07, 2021
Yamale (ya·ma·lē) - A schema and validator for YAML.

Yamale (ya·ma·lē) ⚠️ Ensure that your schema definitions come from internal or trusted sources. Yamale does not protect against intentionally maliciou

23andMe 534 Dec 21, 2022
Pyleri is an easy-to-use parser created for SiriDB

Python Left-Right Parser Pyleri is an easy-to-use parser created for SiriDB. We first used lrparsing and wrote jsleri for auto-completion and suggesti

Cesbit 106 Dec 06, 2022
Pydantic-ish YAML configuration management.

Pydantic-ish YAML configuration management.

Dribia Data Research 18 Oct 27, 2022
Dag-bakery - Dag Bakery enables the capability to define Airflow DAGs via YAML.

DAG Bakery - WIP 🔧 dag-bakery aims to simplify our DAG development by removing all the boilerplate and duplicated code when defining multiple DAG cro

Typeform 2 Jan 08, 2022
MOHAconfig - Gerador de arquivo de configuração para Medal of Honor: Airborne

MOHAconfig Gerador de arquivo de configuração para Medal of Honor: Airborne MOHA - Gerador de arquivo de configuração. Essa aplicação foi feita em pyt

1 Dec 31, 2021
This Ivy plugin adds support for TOML file headers.

This Ivy plugin adds support for TOML file headers as an alternative to YAML.

Darren Mulholland 1 Nov 09, 2021
A tool to manage configuration files, build scripts etc. across multiple projects.

A tool to manage configuration files, build scripts etc. across multiple projects.

8 Dec 14, 2022
A lightweight Traits like module

Traitlets home https://github.com/ipython/traitlets pypi-repo https://pypi.org/project/traitlets/ docs https://traitlets.readthedocs.io/ license Modif

IPython 532 Dec 27, 2022