rorix sbom

Generate a Software Bill of Materials (SBOM) from your .NET project dependencies.

Usage

rorix sbom [path] [options]

If no path is provided, Rorix uses the current directory.

Options

| Option | Default | Description |
| --- | --- | --- |
| --format | cyclonedx | SBOM format: cyclonedx or spdx |
| --output | — | Write SBOM to a file instead of stdout |

Examples

Generate CycloneDX SBOM to stdout

rorix sbom

Write SBOM to a file

rorix sbom --output sbom.json

Generate SPDX format

rorix sbom --format spdx --output sbom.spdx.json

Generate SBOM for a specific project

rorix sbom ./src/MyApp/MyApp.csproj --output myapp-sbom.json

Output

The generated SBOM includes:

  • All direct and transitive dependencies
  • Package versions and download locations
  • License information for each component
  • Dependency relationships
  • Vulnerability references (CycloneDX)

See the SBOM Formats page for details on CycloneDX vs SPDX.
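
The contents listed under Output can be checked mechanically before an SBOM is published or archived. The following is an added example, not part of Rorix or its documentation: it audits a CycloneDX JSON document for components with no license entry, classifies dependencies as direct or transitive from the dependency relationships, and maps vulnerability references to components. It assumes the file follows the standard CycloneDX JSON layout; the embedded sample, package names and vulnerability id are constructed.

```python
import json
from collections import deque

# Constructed sample, trimmed to the fields this check reads (not real rorix output).
SAMPLE_BOM = json.loads("""{
 "bomFormat": "CycloneDX", "specVersion": "1.5",
 "metadata": {"component": {"bom-ref": "MyApp", "name": "MyApp"}},
 "components": [
  {"bom-ref": "pkg:nuget/Example.Web@2.1.0", "name": "Example.Web", "version": "2.1.0",
   "licenses": [{"license": {"id": "MIT"}}]},
  {"bom-ref": "pkg:nuget/Example.Json@13.0.1", "name": "Example.Json", "version": "13.0.1"},
  {"bom-ref": "pkg:nuget/Example.Orphan@0.9.0", "name": "Example.Orphan", "version": "0.9.0",
   "licenses": [{"license": {"id": "Apache-2.0"}}]}],
 "dependencies": [
  {"ref": "MyApp", "dependsOn": ["pkg:nuget/Example.Web@2.1.0"]},
  {"ref": "pkg:nuget/Example.Web@2.1.0", "dependsOn": ["pkg:nuget/Example.Json@13.0.1"]}],
 "vulnerabilities": [
  {"id": "EXAMPLE-VULN-0001", "affects": [{"ref": "pkg:nuget/Example.Json@13.0.1"}]}]
}""")

def audit_bom(bom):
    """Return per-component findings: dependency kind, license gap, vulnerability ids."""
    root = bom["metadata"]["component"]["bom-ref"]
    edges = {d["ref"]: d.get("dependsOn", []) for d in bom.get("dependencies", [])}
    depth, queue = {root: 0}, deque([root])
    while queue:  # breadth-first walk: depth 1 is direct, deeper is transitive
        node = queue.popleft()
        for child in edges.get(node, []):
            if child not in depth:
                depth[child] = depth[node] + 1
                queue.append(child)
    vulns = {}
    for v in bom.get("vulnerabilities", []):
        for a in v.get("affects", []):
            vulns.setdefault(a["ref"], []).append(v["id"])
    report = {}
    for c in bom.get("components", []):
        ref = c.get("bom-ref", c["name"])
        d = depth.get(ref)  # None: listed but absent from the dependency graph
        report[c["name"]] = {
            "kind": "unreachable" if d is None else "direct" if d == 1 else "transitive",
            "missing_license": not c.get("licenses"),
            "vulns": vulns.get(ref, []),
        }
    return report

if __name__ == "__main__":
    for name, finding in audit_bom(SAMPLE_BOM).items():
        print(name, finding)
```

To audit a real file, load it with `json.load` and pass the result to `audit_bom`, for example the `sbom.json` written by `rorix sbom --output sbom.json`.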