The sbomify Blog

Announcing GitHub Action 0.7.0 and sbomify 0.19

Using Conan for C SBOMs

Last November I wrote about The C conundrum as there’s so much C code that needs SBOMs, but there was no straightforward way to generate them.

CISA's Minimum Elements now in Draft

CISA has published a public comment draft of updated SBOM Minimum Elements. This draft is intended as successor guidance to the NTIA Minimum Elements first issued on July...

Big Update to sbomify

Happy 4 July to our US friends.

Unpacking Raspberry Pi's Built‑In SBOM Magic

When the Raspberry Pi Foundation quietly unveiled rpi‑image‑gen, most of the headlines focused on how it streamlines custom image creation. Tucked inside that announcement is something even more...

Chris Swan Joins sbomify Advisory Board

sbomify is excited to announce that Chris Swan has joined its advisory board. Chris brings extensive experience in DevOps, open source, and cybersecurity, making him an invaluable asset...

Mastering SBOM Generation with Yocto

I recently spent time with Yocto to better understand how it works with SBOMs, and I was very impressed. In short, if you are building your own Linux...

sbomify Goes Open Source: A New Chapter in SBOM Management

I am thrilled to share that sbomify is now officially open source! As of today, you can find our project on GitHub. This decision is a leap forward...

How SBOMs Can Help You Achieve PCI DSS 4.0 Compliance

What Is PCI DSS 4.0?

The C conundrum - generating SBOMs when there's no lockfile

Generating an SBOM for something created in a modern language like Dart, Go, Python or Rust is pretty easy. Dependencies are declared using the language’s package manager, the...

sbomify GitHub Action v0.3.0: Now Faster and Compatible with GitLab!

We’re excited to announce the release of version 0.3.0 of our GitHub Actions module!

GitHub Action module with Attestation

Over the last few weeks, we’ve made some significant updates to our GitHub Actions module. Since our last update, we’ve added a few new features.