Skip to content
/ ossbomer-conformance Public

OSSBOMER - SBOM Conformance against NTIA, CRA, and other compliance requirements.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Xpertians/ossbomer-conformance

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
ossbomer_conformance
ossbomer_conformance
 
 
scripts
scripts
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 

Repository files navigation

ossbomer-conformance

ossbomer-conformance is a Python library and CLI tool that validates SBOM (Software Bill of Materials) files against NTIA, CRA, and other regulatory conformance rules. It supports SPDX and CycloneDX formats in JSON and XML.

Features

  • Validates SBOMs against NTIA and CRA requirements.
  • Supports SPDX and CycloneDX formats (JSON & XML).
  • Detects missing fields and structural inconsistencies (WIP).

Installation

pip install ossbomer-conformance

Usage

CLI Usage to Validate an SBOM file:

ossbomer-conformance --file sbom.json

Specify a custom rules file:

ossbomer-conformance --file sbom.json --rules custom_rules.json

Library Integration:

from ossbomer_conformance.validator import SBOMConformanceValidator

validator = SBOMConformanceValidator("config.json")
result = validator.validate_sbom("sbom.json")
print(result)

License

This project is licensed under the MIT License.

About

OSSBOMER - SBOM Conformance against NTIA, CRA, and other compliance requirements.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Languages