The OpenSSF has a working group called SBOM Everywhere, one of the projects this group is working on is a place to catalog as much SBOM related information as possible. Because the OpenSSF has a focus on open source, we’re doing it as an open source project! The goal is to capture anything that’s SBOM related and make it easy to find. Projects, documents, standards, working groups, anything that could be useful.
The SBOM catalog can be seen at https://sbom-catalog.openssf.org/ - It’s actually two tools, the Wiki and the catalog. The Wiki is to capture more static information like documents and standards. Our goal is to link to as many things as we can.
The Catalog is where we can add tooling with a variety of uses. You have the ability to filter results, view a list or a tree, arrange which filters to apply in which order. It’s a very interactive tool. There are a lot of tools and figuring out which tool does what you need is a challenge, we want to make it easier. It’s a read only website, feel free to push buttons and see what it can do. If something breaks, let us know!
Anyone can contribute to this. It’s open source! You can see all the details in our GitHub repo https://github.com/ossf/sbom-everywhere
We are trying to capture and track as much information about the SBOM ecosystem we can. Meetings, projects, tools, formats, standards, everything. If you’re unsure, let’s chat about it, you can find our details here https://sbom-catalog.openssf.org/about-us.html
Open an issue in GitHub https://github.com/ossf/sbom-everywhere/issues We’re working on a nice contributing guide, but the issue is easiest right now. The guide is still a few weeks out probably.
We accept all tools, not only open-source tools. Feel free to open an issue if you’re unsure. We’re happy to discuss anything.
Contributions to the SBOM Catalog and Wiki should be considered under the Apache 2.0 open source license