nix2sbom
extracts the SBOM (Software Bill of Materials) from a Nix derivation
📚 Documentation for using nix2sbom is here

Warning: This repo is still a work-in-progress. The command-line options and command names might change significantly until the project reaches version 1.0.0.

- Supports CycloneDX 1.4 format
- Supports JSON and YAML serialization formats
- Generates a SBOM for your current NixOS system
- Detects and handles patches
- Discovers git URLs (using archive URLs)

Assuming that you have enabled both the flakes and nix-command experimental features:
nix profile install github:louib/nix2sbom

Or, from a local checkout of this repository, using Cargo:
cargo install --path .