Rusty SBOMs

cyclonedx-rust-cargo is emerging as the standard for creating Software Bill of Materials for the Rust ecosystem and the CycloneDX standard

Key facts

Status:: Current
Investment Amount: €248,960.00
Investment Year(s): 2023, 2024

This is one of nine FOSS teams selected for the first round of the STF Contribute Back Challenges and one of five teams selected for the second round. It is in the Securing FOSS Software Production area.

Learn about all the Contribute Back Challenge participants

This project enhances software production security in the Rust ecosystem by contributing to the production-readiness of this common Software Bill of Materials generator.

Round 1: 71,000€

Round 2: 177,960€

Round 1 Summary

Each participating team submitted a final report and included a portion to be published.

Our team significantly enhanced the CycloneDX SBOM generator for Rust, transforming it into a feature-rich, production-ready tool.
This was made possible by the support from the Sovereign Tech Fund and enabled lasting changes and improvements within the broader Rust community and ecosystem as well.

Rusty SBOMs

Key facts

Round 1 Summary

More technologies

Bundler & RubyGems (2022)

Package management for a popular programming language

OpenJS Foundation

Improving Javascript ecosystem infrastructure and security

Pendulum

Providing accurate time on millions of devices and networks fundamental to the internet and other critical infrastructure.

Fortran

Modernizing an established programming language to become more performant and user-friendly for scientific communities

RubyGems & Bundler (2023)

Package management for Ruby, a popular programming language

curl

Powering data transfers