Metadata-Version: 2.4
Name: rbom
Version: 0.1.4
Summary: Release Bill of Materials (RBOM)
Project-URL: Homepage, https://github.com/spockops/rbom
Project-URL: Issues, https://github.com/spockops/rbom/issues
Author-email: Example Author <dev@spockops.com>
License-Expression: Apache-2.0
License-File: LICENSE
Keywords: bom,compliance,rbom,release bill of materials,release management,sbom,security,software bill of materials,spockops
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Education
Classifier: Intended Audience :: End Users/Desktop
Classifier: Intended Audience :: Financial and Insurance Industry
Classifier: Intended Audience :: Healthcare Industry
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: Legal Industry
Classifier: Intended Audience :: Manufacturing
Classifier: Intended Audience :: Other Audience
Classifier: Intended Audience :: Science/Research
Classifier: Intended Audience :: System Administrators
Classifier: Intended Audience :: Telecommunications Industry
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Build Tools
Requires-Python: >=3.11
Requires-Dist: click>=8.2.1
Requires-Dist: cryptography>=45.0.2
Requires-Dist: pygithub>=2.6.1
Requires-Dist: pytest>=8.3.5
Requires-Dist: pyyaml>=6.0.2
Requires-Dist: twine>=6.1.0
Provides-Extra: dev
Requires-Dist: pytest>=7.0.0; extra == 'dev'
Description-Content-Type: text/markdown

<div align="center">
    <h1 align="center">RBOM</h1>

</div>

<div align="center">
  <h4>Release Bill Of Materials</h4>
</div>
<br/>
<p align="center">
<a href="https://pypi.org/project/rbom/"><img alt="Certified by RBOM 0.1" src="https://img.shields.io/badge/certified_by-RBOM_0.1-ffc900?"></a>
<a href="https://opensource.org/licenses/Apache-2.0"><img alt="License: Apache 2.0" src="https://img.shields.io/badge/License-Apache_2.0-blue.svg"></a>
<a href="https://pypi.org/project/rbom/"><img alt="PyPI" src="https://img.shields.io/pypi/v/rbom"></a>

</p>

### Overview 

A standardised format for releases to attest where, what and how a release was made, packaged and sealed as a parsable ``rbom.signed.yaml`` file.

> Under development; package version v1.0.0 will be production ready.

### Installation 

```bash
pip install rbom
```

### Usage
```bash
rbom --help
```

### Signing 

Generate an RSA key pair:

```bash
# Generate a 2048-bit RSA private key (keep this file secret)
openssl genrsa -out private_rbom_key.pem 2048
# Derive the matching public key from the private key
openssl rsa -in private_rbom_key.pem -pubout -out public_rbom_key.pem
```
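
The key pair can be checked before it is used for signing. The script below is an added example, not part of the rbom project: it generates the pair under a restrictive umask, confirms the public key was derived from the private key, and shows that a detached `openssl dgst` signature stops verifying once the signed file changes. The `manifest.yaml` file, its contents and the `.sig` file are constructed for illustration and are not rbom's own signing format.

```bash
#!/usr/bin/env bash
# Added example: key file names come from the README above; manifest.yaml,
# its contents and the detached .sig layout are assumptions for illustration.

# gen_keys <dir>: create the key pair; umask 077 keeps the key files
# readable by the owner only.
gen_keys() {
    ( umask 077
      openssl genrsa -out "$1/private_rbom_key.pem" 2048 2>/dev/null
      openssl rsa -in "$1/private_rbom_key.pem" -pubout \
          -out "$1/public_rbom_key.pem" 2>/dev/null )
}

# keys_match <dir>: succeed only if the public key file is the one
# derived from the private key file.
keys_match() {
    [ "$(openssl rsa -in "$1/private_rbom_key.pem" -pubout 2>/dev/null)" = \
      "$(cat "$1/public_rbom_key.pem")" ]
}

# sign_file <dir> <file>: write a detached SHA-256/RSA signature to <file>.sig
sign_file() {
    openssl dgst -sha256 -sign "$1/private_rbom_key.pem" -out "$2.sig" "$2"
}

# verify_file <dir> <file>: exit status 0 only if <file>.sig is valid for <file>
verify_file() {
    openssl dgst -sha256 -verify "$1/public_rbom_key.pem" \
        -signature "$2.sig" "$2" >/dev/null 2>&1
}

demo() {
    workdir=$(mktemp -d) || return 1
    manifest="$workdir/manifest.yaml"
    # Constructed sample data, not a real RBOM document
    printf 'release: example-1.0.0\nartifact: example.tar.gz\n' > "$manifest"
    gen_keys "$workdir" && keys_match "$workdir" && sign_file "$workdir" "$manifest" \
        || { rm -rf "$workdir"; return 1; }
    verify_file "$workdir" "$manifest" && echo "original: signature valid"
    # Any change to the signed file must invalidate the signature
    echo 'artifact: tampered.tar.gz' >> "$manifest"
    verify_file "$workdir" "$manifest" || echo "tampered: signature rejected"
    rm -rf "$workdir"
}

demo
```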