cyclonedx-bom dependencies

cyclonedx-bom is used in Python projects: it is a CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments. It has 6 direct runtime dependencies. Check its dependency graph on PyDeps to understand the full transitive dependency tree, reverse dependents, known CVEs, and license compatibility before installing.

What is cyclonedx-bom?

CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments

What are the dependencies of cyclonedx-bom?

cyclonedx-bom declares 6 direct runtime dependencies on PyPI. Each one is resolved into the full dependency tree below:

cyclonedx-bom transitive dependencies

Beyond its direct dependencies, cyclonedx-bom can pull in further packages through its dependency tree. PyDeps resolves the entire chain from PyPI and deps.dev so you can see every transitive (nested) dependency of cyclonedx-bom, expand any node on demand, and understand the full set of code that ships when you run pip install cyclonedx-bom.

Does cyclonedx-bom have known vulnerabilities (CVEs)?

PyDeps checks cyclonedx-bom and every package in its dependency tree against the OSV vulnerability database in real time. For each CVE you can see the severity, the affected version ranges, and the first fixed version, so you know exactly which cyclonedx-bom version is safe to install before you ship.

What license does cyclonedx-bom use?

cyclonedx-bom is distributed under the Apache-2.0 license. PyDeps also shows the license of every dependency in the tree so you can audit license compatibility across your whole cyclonedx-bom install, not just the top-level package.

How to install cyclonedx-bom with all dependencies

Install from PyPI with pip install cyclonedx-bom. For offline or air-gapped environments, PyDeps can download cyclonedx-bom together with every resolved dependency as wheel files in a single bundle, matched to your target Python version and operating system.

Which packages depend on cyclonedx-bom?

Switch to the dependents view to see the reverse dependencies of cyclonedx-bom — the PyPI packages that list cyclonedx-bom as a requirement. Reverse dependencies are a strong signal of how widely a package is trusted and how disruptive a breaking change would be.
