Expand description
uv-sbom - SBOM generation tool for uv projects
This library provides functionality to generate Software Bill of Materials (SBOM) from uv.lock files, following hexagonal architecture and Domain-Driven Design principles.
§Architecture
The library is organized into the following layers:
- Domain Layer (
sbom_generation): Pure business logic and domain models - Application Layer (
application): Use cases and application services - Ports (
ports): Interface definitions for infrastructure - Adapters (
adapters): Concrete implementations of ports - Shared (
shared): Common utilities and error types
§Example
use uv_sbom::prelude::*;
use std::path::PathBuf;
// Create adapters
let lockfile_reader = FileSystemReader::new();
let project_config_reader = FileSystemReader::new();
let license_repository = PyPiLicenseRepository::new()?;
let progress_reporter = StderrProgressReporter::new(uv_sbom::i18n::Locale::default());
// Create use case
let use_case: GenerateSbomUseCase<_, _, _, _, ()> = GenerateSbomUseCase::new(
lockfile_reader,
project_config_reader,
license_repository,
progress_reporter,
None, // No vulnerability checking in this example
uv_sbom::i18n::Locale::default(),
);
// Execute
let request = SbomRequest::builder()
.project_path(".")
.build()?;
let response = use_case.execute(request).await?;
// Build read model and format output
let read_model = uv_sbom::application::read_models::SbomReadModelBuilder::build(
response.enriched_packages,
&response.metadata,
None,
None,
None,
);
let formatter = CycloneDxFormatter::new();
let output = formatter.format(&read_model)?;
println!("{}", output);Modules§
- adapters
- application
- config
- Configuration file support for uv-sbom.
- i18n
- Internationalization (i18n) module for multilingual output support.
- ports
- prelude
- Prelude module for convenient imports
- sbom_
generation - shared