Daniel Have a look at SBOM4Python which generates an SBOM for an installed python module including all of its dependencies (direct or indirect). And look at SBOM2dot which generates a DOT file for producing a graph of the dependencies.
Both applications are available on PyPi. Regards Anthony On Thu, 9 Mar 2023, 19:51 , <[email protected]> wrote: > All, > I feel like I'm missing something obvious here, but which SBOM generators > actually generate SPDX SBOMs that (1) have refID's for the overall asset > (documentDescribes), and (2) have package dependency hierarchy information, > i.e. something that I could use to build a tree visualization of how the > software dependencies are introduced into the main piece of software? > > Thanks, > Daniel > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#1636): https://lists.spdx.org/g/spdx/message/1636 Mute This Topic: https://lists.spdx.org/mt/97504626/21656 Group Owner: [email protected] Unsubscribe: https://lists.spdx.org/g/spdx/leave/2655439/21656/1698928721/xyzzy [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
