notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)Want a good monitor light? See my photosAll times are UTC		 Ukraine
Port details
py-lib4sbom Software bill of material (SBOM) generator and consumer library
0.9.4 security on this many watch lists=0 search for ports that depend on this port Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout 0.8.7Version of this port present on the latest quarterly branch.
Maintainer: tuukka.pasanen@ilmi.fi search for ports maintained by this maintainer
Port Added: 2025-07-16 15:30:18
Last Update: 2026-02-10 14:48:43
Commit Hash: ccc5db8
Also Listed In: python
License: APACHE20
WWW:
https://github.com/anthonyharrison/lib4sbom
Description:
Lib4SBOM is a library to parse and generate Software Bill of Materials (SBOMs). It supports SBOMs created in both SPDX and CycloneDX formats. It has been developed on the assumption that having a generic abstraction of SBOM regardless of the underlying format will be useful to developers. The following facilities are provided: * Generate SPDX SBOM in TagValue, JSON and YAML formats * Generate CycloneDX SBOM in JSON format * Parse SPDX SBOM in TagValue, JSON, YAML, XML and RDF formats * Parse CycloneDX SBOM in JSON and XMLformat * Create and manipulate a SBOM file object * Create and manipulate a SBOM package object * Create and manipulate a SBOM dependency relationship object * Create and manipulate a Vulnerability object * Create and manipulate a Software Service object * Generated SBOM can be output to a file or to the console
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb - no subversion history for this port

Manual pages:
FreshPorts has no man page information for this port.
pkg-plist: as obtained via: make generate-plist
There is no configure plist information for this port.
USE_RC_SUBR (Service Scripts)
  • no SUBR information found for this port
Dependency lines:
  • ${PYTHON_PKGNAMEPREFIX}lib4sbom>0:security/py-lib4sbom@${PY_FLAVOR}
To install the port:
cd /usr/ports/security/py-lib4sbom/ && make install clean
To add the package, run one of these commands:
  • pkg install security/py-lib4sbom
  • pkg install py311-lib4sbom
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
NOTE: This is a Python port. Instead of py311-lib4sbom listed in the above command, you can pick from the names under the Packages section.
PKGNAME: py311-lib4sbom
Package flavors (<flavor>: <package>)
  • py311: py311-lib4sbom
distinfo:
TIMESTAMP = 1770636739 SHA256 (anthonyharrison-lib4sbom-v0.9.4_GH0.tar.gz) = 272a12023d0c87845024530afc90dc3e6fd9987753f585d986d63b2e86416345 SIZE (anthonyharrison-lib4sbom-v0.9.4_GH0.tar.gz) = 1974992
Packages (timestamps in pop-ups are UTC):
py311-lib4sbom
ABIaarch64amd64armv6armv7i386powerpcpowerpc64powerpc64le
FreeBSD:13:latest0.9.40.9.4-0.8.70.9.4n/an/an/a
FreeBSD:13:quarterly0.8.70.8.7--0.8.7n/an/an/a
FreeBSD:14:latest0.9.40.9.4-0.8.70.9.4---
FreeBSD:14:quarterly0.8.70.8.7--0.8.7---
FreeBSD:15:latest0.9.40.9.4n/a0.8.7n/an/a--
FreeBSD:15:quarterly0.8.70.8.7n/a-n/an/a--
FreeBSD:16:latest0.9.40.9.4n/a-n/an/a--
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. py311-setuptools>0 : devel/py-setuptools@py311
  2. py311-wheel>=0 : devel/py-wheel@py311
  3. python3.11 : lang/python311
  4. py311-build>=0 : devel/py-build@py311
  5. py311-installer>=0 : devel/py-installer@py311
Test dependencies:
  1. py311-pytest>=7,1 : devel/py-pytest@py311
  2. python3.11 : lang/python311
Runtime dependencies:
  1. py311-defusedxml>0 : devel/py-defusedxml@py311
  2. py311-pyyaml>=5.4 : devel/py-pyyaml@py311
  3. py311-requests>=2.32 : www/py-requests@py311
  4. py311-semantic-version>=2.8<3 : devel/py-semantic-version@py311
  5. py311-xmlschema>0 : textproc/py-xmlschema@py311
  6. py311-jsonschema>0 : devel/py-jsonschema@py311
  7. py311-fastjsonschema>0 : devel/py-fastjsonschema@py311
  8. python3.11 : lang/python311
This port is required by:
for Run
  1. security/py-distro2sbom
Configuration Options:
===> The following configuration options are available for py311-lib4sbom-0.9.4: EXAMPLES=on: Build and/or install examples ===> Use 'make config' to modify these settings
Options name:
security_py-lib4sbom
USES:
python
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (1 items)
Collapse this list.
  1. https://codeload.github.com/anthonyharrison/lib4sbom/tar.gz/v0.9.4?dummy=/
Collapse this list.

Number of commits found: 2

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
0.9.4
10 Feb 2026 14:48:43
commit hash: ccc5db8a438a218ab8114cade037445e814846bacommit hash: ccc5db8a438a218ab8114cade037445e814846bacommit hash: ccc5db8a438a218ab8114cade037445e814846bacommit hash: ccc5db8a438a218ab8114cade037445e814846ba files touched by this commit		 Vladimir Druzenko (vvd) search for other commits by this committer
Author: Tuukka Pasanen		 
security/py-lib4sbom: Update 0.8.7 => 0.9.4

Fixes and features:
 * improved service component processing for CycloneDX
 * convert sbom types between SPDX and CycloneDX
 * update licence list
 * distributionConstraints
 * default licence type
 * update suported Python version
 * add SBOM validation debug
 * Invalid CycloneDX SHA algorithm specified (fixes #73)
 * add support for CycloneDX 1.7
 * add support for parsing SPDX documents in in-toto statements
 * optimised CycloneDX JSON schema validation
 * CycloneDX validation fails (fixes #70)
(Only the first 15 lines of the commit message are shown above View all of this commit message)
0.8.7
16 Jul 2025 14:53:24
commit hash: b5444da848e3977e12c8da43895bd03325d2839fcommit hash: b5444da848e3977e12c8da43895bd03325d2839fcommit hash: b5444da848e3977e12c8da43895bd03325d2839fcommit hash: b5444da848e3977e12c8da43895bd03325d2839f files touched by this commit		 Muhammad Moinur Rahman (bofh) search for other commits by this committer
Author: Tuukka Pasanen		 
security/py-lib4sbom: New port

Lib4SBOM is a library to parse and generate Software Bill of Materials
(SBOMs).  It supports SBOMs created in both SPDX and CycloneDX formats.

WWW: https://github.com/anthonyharrison/lib4sbom
PR:		286644
Sponsored by:	The FreeBSD Foundation

Number of commits found: 2
Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
Security Policy
Privacy
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
openssl35Mar 13
openssl36Mar 13
firefoxMar 12
firefoxMar 12
firefoxMar 12
firefox-esrMar 12
thunderbirdMar 12
curlMar 11
curlMar 11
gitlabMar 11
gstreamer1Mar 07
gstreamer1-pluginsMar 07
gstreamer1-plugins-badMar 07
gstreamer1-plugins-goodMar 07
gstreamer1-plugins-uglyMar 07

10 vulnerabilities affecting 227 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last processed:
2026-03-13 15:02:25 UTC


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)

Calculated hourly:
Port count 34162
Broken 108
Deprecated 182
Ignore 224
Forbidden 0
Restricted 2
No CDROM 1
Vulnerable 36
Expired 9
Set to expire 117
Interactive 0
new 24 hours 1
new 48 hours11
new 7 days38
new fortnight55
new month172
Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD 		Valid HTML, CSS, and RSS. Copyright © 2000-2026 Dan Langille. All rights reserved.