Crate use_sbom

Expand description

§use-sbom

Software bill of materials and software supply-chain security primitives for RustUse.

§Experimental

use-sbom is experimental while the use-security workspace remains below 0.3.0. Expect small API adjustments during the first release wave.

§Example

use use_sbom::{SbomComponent, SbomComponentName, SbomComponentVersion};

let component = SbomComponent::new(
    SbomComponentName::new("example")?,
    SbomComponentVersion::new("1.0.0")?,
);

assert_eq!(component.name().as_str(), "example");

§Scope

SBOM format, component, package URL, digest, license expression, relationship, and supply-chain risk metadata.
Small validation helpers for non-empty SBOM text values.

§Non-goals

Generating full SBOM documents.
Full CycloneDX or SPDX parsing.
Contacting package registries or advisory databases.

§License

Licensed under either of the following, at your option:

Apache License, Version 2.0
MIT license

Structs§

SbomComponent: SBOM component metadata.
SbomComponentName
SbomComponentVersion
SbomDigest
SbomLicenseExpression
SbomPackageUrl: A package URL metadata value.

Enums§

SbomFormat: SBOM format labels.
SbomParseError: Error returned when an SBOM label cannot be parsed.
SbomRelationshipKind: SBOM relationship labels.
SbomTextError: Error returned when SBOM text metadata is invalid.
SupplyChainRiskKind: Supply-chain risk labels.

Crate use_sbom

Crate use_sbom Copy item path

§use-sbom

§Experimental

§Example

§Scope

§Non-goals

§License

Structs§

Enums§

Crate use_sbom