Software Bill of Materials

A software supply chain comprises the components, libraries, tools, and processes used to develop, build, and publish a software artefact. Software vendors often create products by assembling open-source and commercial software components. A software bill of materials (SBOM) declares the inventory of components used to build a software artefact such as a software application. It is analogous to a list of ingredients on food packaging: where you might consult a label to avoid foods.