use-sbom 0.0.1

SBOM and software supply-chain metadata primitives for RustUse

use-sbom

Software bill of materials and software supply-chain security primitives for RustUse.

Experimental

use-sbom is experimental while the use-security workspace remains below 0.3.0. Expect small API adjustments during the first release wave.

Example

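use use_sbom::{SbomComponent, SbomComponentName, SbomComponentVersion};

fn main() -> Result<(), use_sbom::SbomTextError> {
    // Both constructors are fallible; `?` propagates an SbomTextError.
    let component = SbomComponent::new(
        SbomComponentName::new("example")?,
        SbomComponentVersion::new("1.0.0")?,
    );

    // The component exposes its name as a string slice.
    assert_eq!(component.name().as_str(), "example");
    Ok(())
}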

Scope

  • SBOM format, component, package URL, digest, license expression, relationship, and supply-chain risk metadata.
  • Small validation helpers for non-empty SBOM text values.

Non-goals

  • Generating full SBOM documents.
  • Full CycloneDX or SPDX parsing.
  • Contacting package registries or advisory databases.

License

Licensed under either of the following, at your option:

  • Apache License, Version 2.0
  • MIT license