Perhaps the easiest way to generate a SBOM file is to use GitHub which relative recently added that as feature, Introducing self-service SBOMs.
This feature can be found at the Dependency graph section which is located in the Insights-tab of your project. In that view there is a button to export a SBOM file in the SPDX format.
However if you don't use GitHub then there is a lot of other tools to use, maybe this link, awesome-sbom, can be a good start.
If you have a dotnet project then you can use the sbom-tool from Microsoft like this:
# Go to the root of your project
dotnet tool install Microsoft.Sbom.DotNetTool
Which will add the tool to the tools config file of your project.
# Will output some help on how to use the tool
dotnet tool run sbom-tool
Top comments (0)