Skip to content

Latest commit

 

History

History

python

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
artifacts
artifacts
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
public-key.cbor
public-key.cbor
 
 
script.sh
script.sh
 
 

README.md

Python Example

You will need a CLI that can produce and consume SCITT transparent statements. This one supports RFC9162 and json, and is 🚧 EXPERIMENTAL 🚧.

npm i -g @transmute/cli
pip install cyclonedx-bom

Create the SBOM

Create a cyclonedx sbom in xml format.

cyclonedx-py -i  artifacts/requirements.txt -r --output artifacts/_manifest/artifact.cdx.xml

Make Transparent SBOM

Sign the sbom, register the signature, attach the receipt to the signature, produce a transparent statement.

./script.sh