A software bill of materials (SBoM) generator for Swift packages

Overview

Swift Package SBoM

A software bill of materials (SBoM) generator for Swift packages.

Run this command to print a JSON representation of a CycloneDX SBoM for a Swift package at a given path.

A software component can be described by a bill of materials at different levels of detail. This project currently includes the following information:

  • Component records for each library and executable product, each with a list of source files.
  • SHA256, SHA384, SHA512 checksums for each source file
  • Information about the latest commit (if the package root contains a .git directory)
  • Component records for each resolved dependency, including information about transitive relationships

⚠️ This project is under active development and isn't ready for production use.

For more information about software bill of materials, see this webpage from the National Telecommunications and Information Administration (NTIA).

Requirements

  • Swift 5.4+
  • macOS 10.15+
  • libgit2

Usage

swift-package-sbom generate --help
OVERVIEW: Generate a software bill of materials for a package at a path.

USAGE: swift-package-sbom generate <package-path>

ARGUMENTS:
  <package-path>          Location of the package 

OPTIONS:
  --version               Show the version.
  -h, --help              Show help information.

Example Output

{
    "format": "CycloneDX",
    "serialNumber": "urn:uuid:73BB569B-52BA-4CA7-B2D1-C76CD5661C3C",
    "specVersion": "1.2",
    "metadata": {
        "timestamp": "2021-07-15T22:23:33Z"
    },
    "components": [
        {
            "classification": "library",
            "bom-ref": "CycloneDX",
            "pedigree": {
                "commits": [
                    {
                        "author": {
                            "name": "Mattt",
                            "email": "[email protected]"
                        },
                        "committer": {
                            "name": "Mattt",
                            "email": "[email protected]"
                        },
                        "uid": "268e2e22efe45bae5f8521725827ff913f9d89de",
                        "message": "Create Algorithm enumeration with correct encoded values"
                    }
                ]
            },
            "components": [
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/Pedigree.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/ExternalReference.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Service.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/BillOfMaterials.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/IdentifiableAction.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Extensions/KeyedEncodingContainerProtocol+Extensions.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/Commit.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Dependency.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/OrganizationalEntity.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Metadata.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/CPE.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Component.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Properties.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/Issue.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/Patch.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/Diff.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/Tool.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Composition.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/Hash.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/License.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/OrganizationalContact.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/CycloneDX/Supporting Types/Copyright.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                }
            ]
        },
        {
            "classification": "application",
            "bom-ref": "swift-package-sbom",
            "pedigree": {
                "commits": [
                    {
                        "author": {
                            "name": "Mattt",
                            "email": "[email protected]"
                        },
                        "committer": {
                            "name": "Mattt",
                            "email": "[email protected]"
                        },
                        "uid": "268e2e22efe45bae5f8521725827ff913f9d89de",
                        "message": "Create Algorithm enumeration with correct encoded values"
                    }
                ]
            },
            "components": [
                {
                    "bom-ref": "Sources/swift-package-sbom/Extensions/Hash.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/swift-package-sbom/Extensions/HashFunction+Extensions.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/swift-package-sbom/Extensions/DataProtocol+Extensions.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/swift-package-sbom/Subcommands/Generate.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/swift-package-sbom/Extensions/AbsolutePath+Extensions.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                },
                {
                    "bom-ref": "Sources/swift-package-sbom/main.swift",
                    "classification": "file",
                    "hashes": [
                        {
                            "value": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
                            "algorithm": "SHA-256"
                        },
                        {
                            "value": "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
                            "algorithm": "SHA-384"
                        },
                        {
                            "value": "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
                            "algorithm": "SHA-512"
                        }
                    ]
                }
            ]
        },
        {
            "bom-ref": "swift-driver",
            "classification": "library",
            "externalReferences": [
                {
                    "type": "vcs",
                    "url": "https://github.com/apple/swift-driver.git"
                }
            ]
        },
        {
            "bom-ref": "Git",
            "classification": "library",
            "externalReferences": [
                {
                    "type": "vcs",
                    "url": "https://github.com/SwiftDocOrg/Git.git"
                }
            ]
        },
        {
            "bom-ref": "Yams",
            "classification": "library",
            "externalReferences": [
                {
                    "type": "vcs",
                    "url": "https://github.com/jpsim/Yams.git"
                }
            ]
        },
        {
            "bom-ref": "swift-tools-support-core",
            "classification": "library",
            "externalReferences": [
                {
                    "type": "vcs",
                    "url": "https://github.com/apple/swift-tools-support-core.git"
                }
            ]
        },
        {
            "bom-ref": "swift-argument-parser",
            "classification": "library",
            "externalReferences": [
                {
                    "type": "vcs",
                    "url": "https://github.com/apple/swift-argument-parser.git"
                }
            ]
        },
        {
            "bom-ref": "swift-llbuild",
            "classification": "library",
            "externalReferences": [
                {
                    "type": "vcs",
                    "url": "https://github.com/apple/swift-llbuild.git"
                }
            ]
        },
        {
            "bom-ref": "swift-package-manager",
            "classification": "library",
            "externalReferences": [
                {
                    "type": "vcs",
                    "url": "https://github.com/apple/swift-package-manager.git"
                }
            ]
        }
    ]
}
You might also like...
Simple and blunt static site generator

StaticSite This contains a bunch of helper functions to generate a static site in Swift.

qr code generator tool

qr code generator tool Small command line tool for generate and reconition qr codes written in Swift Using Usage: ./qrgen [options] -m, --mode:

An offline random passcode generator.

Passcode-Generator An offline random passcode generator. Usage Generates random passcode. Install Files and source code could be found in releases. Pr

an Apple Watch® BINGO number generator app with histogram and history.

B4-BINGO-Number-Generator an Apple Watch® BINGO number generator app with histogram and history. This is a basic app using the Apple Watch which displ

SMAP: Swiss Topo Map URL Generator

smap - Swiss Topo Map URL Generator Usage: smap [-b] image-file-path Reads fil

BCSwiftTor - Opinionated pure Swift controller for Tor, including full support for Swift 5.5 and Swift Concurrency

BCSwiftTor Opinionated pure Swift controller for Tor, including full support for

Swift Markdown is a Swift package for parsing, building, editing, and analyzing Markdown documents.

Swift Markdown is a Swift package for parsing, building, editing, and analyzing Markdown documents.

Cross-Platform, Protocol-Oriented Programming base library to complement the Swift Standard Library. (Pure Swift, Supports Linux)

SwiftFoundation Cross-Platform, Protocol-Oriented Programming base library to complement the Swift Standard Library. Goals Provide a cross-platform in

Swift - ✏️Swift 공부 저장소✏️

Swift 스위프트의 기초 1. Swift의 기본 2. 변수와 상수 [3. 데이터 타입 기본] [4. 데이터 타입 고급] 5. 연산자 6. 흐름 제어 7. 함수 8. 옵셔널 객체지향 프로그래밍과 스위프트 9. 구조체와 클래스 10. 프로퍼티와 메서드 11. 인스턴스 생

Owner
Mattt
Mattt
This repo shows how to setup and use GitHub Actions as a CI for Swift Packages

GACalc This repo shows how to setup and use GitHub Actions as a CI for Swift Packages. Available environments on GitHib List of the all available envi

Michał Tynior 0 Nov 3, 2021
Write Emacs packages in Swift!

EmacsSwiftModule A Swift library to write Emacs plugins in Swift! Overview Emacs Swift module provides a convenient API for writing dynamic modules fo

Valeriy Savchenko 15 Nov 29, 2022
Project shows how to unit test asynchronous API calls in Swift using Mocking without using any 3rd party software

UnitTestingNetworkCalls-Swift Project shows how to unit test asynchronous API ca

Gary M 0 May 6, 2022
Software Dummy Display Adapter for Apple Silicon Macs to Have Custom HiDPI Resolutions.

BetterDummy Dummy Display for Apple Silicon Macs to achieve custom resolutions. About M1 macs tend to have issues with custom resolutions. Notoriously

Istvan T. 8k Jan 9, 2023
A framework to provide logic designed to prompt users at the ideal moment for a review of your app/software

ReviewKit ReviewKit is a Swift package/framework that provides logic designed to prompt users at the ideal moment for a review of your app. At a basic

Simon Mitchell 25 Jun 7, 2022
A tiny generator of random data for swift

SwiftRandom SwiftRandom is a tiny help suite for generating random data such as Random human stuff like: names, gender, titles, tags, conversations Ra

Kan Yilmaz 559 Dec 29, 2022
GenStore is a lightweight swift code generator for your resources.

GenStore is a lightweight swift code generator for your resources. GenStore can create classes for your images, colors and localized strings.

null 11 Oct 23, 2021
Swift Quote Generator App

Swift_QuoteGeneratorApp UIKit을 이용하 SWIFT APP 예제 <> </>

null 0 Dec 27, 2021
A documentation generator for Swift projects

swift-doc A package for generating documentation for Swift projects. Given a directory of Swift files, swift-doc generates HTML or CommonMark (Markdow

SwiftDoc 1.7k Dec 6, 2022
Forblaze - A Python Mac Steganography Payload Generator

Forblaze - A Python Mac Steganography Payload Generator Author: AsaurusRex Disclaimer DO NOT use this project for purposes other than legitimate red t

null 54 Sep 5, 2022