CycloneDX’s Python Library documentation

CycloneDX is a lightweight BOM specification that is easily created, human-readable, and simple to parse.

This CycloneDX module for Python can generate a valid CycloneDX bill-of-materials document containing an aggregate of all project dependencies.

As of version 3.0.0, the internal data model was adjusted to allow CycloneDX VEX documents to be produced as per official examples linking VEX to a separate BOM.

This module is not designed for standalone use (i.e. it is not executable on its own). If you’re looking for a CycloneDX tool to run to generate software bill-of-materials (SBOM) documents, why not check out:

This library was designed to be used by developers - you can use this module yourself in your application to programmatically generate SBOMs.