Homebrew Tap for sbom-tools

Homebrew formulae for sbom-tools — a semantic SBOM diff and analysis tool.

Installation

brew install sbom-tool/tap/sbom-tools

Homebrew builds from source and verifies the source tarball SHA256 automatically. No manual verification is needed.

Upgrading

brew update
brew upgrade sbom-tools

Verifying pre-built binary downloads

If you download pre-built binaries from GitHub Releases instead of using Homebrew, each archive is signed with Sigstore and has a GitHub build attestation:

# Verify Sigstore signature (replace version tag)
cosign verify-blob \
  --bundle sbom-tools-macos-aarch64.tar.gz.bundle \
  --certificate-identity 'https://github.com/sbom-tool/sbom-tools/.github/workflows/publish-crates.yml@refs/tags/v0.1.15' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  sbom-tools-macos-aarch64.tar.gz

# Verify GitHub attestation
gh attestation verify sbom-tools-macos-aarch64.tar.gz \
  --repo sbom-tool/sbom-tools

License

MIT

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
.github/workflows		.github/workflows
Formula		Formula
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Homebrew Tap for sbom-tools

Installation

Upgrading

Verifying pre-built binary downloads

License

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Homebrew Tap for sbom-tools

Installation

Upgrading

Verifying pre-built binary downloads

License

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages