cargo-cyclonedxThe CycloneDX plugin for cargo creates a custom cargo subcommand that generates a Software Bill-of-Materials (SBOM) file that describes the cargo project.
CycloneDX is a lightweight SBOM specification that is easily created, human and machine readable, and simple to parse.
bash
cargo install cargo-cyclonedx
cargobash
cargo cyclonedx
This produces a bom.xml file adjacent to every Cargo.toml file that exists in the workspace.
--format (xml or json): Defaults to XML output--all: Include the transitive dependencies for the project rather than only the top-level dependencies--manifest-path: where to find the Cargo.toml file if other than the default cargo location of the current directoryCycloneDX Rust Cargo is Copyright (c) OWASP Foundation. All Rights Reserved.
Permission to modify and redistribute is granted under the terms of the Apache 2.0 license. See the [LICENSE] file for the full license.