At Wed, 11 Mar 2026 15:46:04 -0700, Alistair Crooks <[email protected]> wrote: Subject: Re: Regarding Software Bill of Materials (SBOM) plans for NetBSD > > On a completely different tangent, I've just added pkgsrc/pkgtools/depgraph > which produces dependency graphs for a package, or number of packages. This > gives dependency information in graphical form (i.e. prerequisite), license > information for each package, metadata for the machine the report is run > on, and can output in standard format or in JSON (this is meant for the > ingest engines and data analytics of larger places which just scoop that > kind of data up), and could easily be used with the package metadata to > produce SBOMs.
Wow!
I wish I had a tool like that way back in the early days of pkgsrc! I
envisioned one, but never took/found the time to try to write one!
--
Greg A. Woods <[email protected]>
Kelowna, BC +1 250 762-7675 RoboHack <[email protected]>
Planix, Inc. <[email protected]> Avoncote Farms <[email protected]>
pgpJ7bVmZUEPQ.pgp
Description: OpenPGP Digital Signature
