Microsoft SBOM Tool

A general purpose, enterprise-proven, build-time Software Bill of Materials (SBOM) generator by Microsoft that produces SPDX 2.2 compatible SBOMs for various artifact types and ecosystems.

Latest: 4.1.5

Last checked: Feb 27, 2026 4:50am

Rank: 1315/15140

Monitored via:

GitHub Releases Winget Request more monitors

Follow to track new versions in your feed.

Overview

License: MIT LicenseWinget: Available

Product Page Support Page Download Page

Version & Lifecycle

Current: 4.1.5 N-2: 4.1.1 Oldest supported: 1.0.0 Avg cadence: Every 96 days

Top Contributors

Top sitewide contributors:

View full leaderboard →

Community Notes

No community notes yet

Be the first to as a good question or share deployment tips, customization scripts, command lines, or troubleshooting steps.

See examples

Release Notes & Updates

Avg cadence: —

Next anticipated release: —

Updates • 0

Help us match vulnerabilities

No vulnerability match yet. Pick the right product:

Looking for matching products…

Don’t see it? Paste a CPE

Also known as

Other names people use for this app — helps search and matching.

SBOMTool

Packaging Notes

Cross-platform tool supporting Windows, Linux, and Mac; integrates with multiple package managers and ecosystems including NuGet, NPM, PyPI, Maven, and more.

Notes

The tool is open source, supports multiple platforms, and is designed to improve software transparency and supply chain security. It generates SBOMs in SPDX format and can be integrated into build pipelines.

Microsoft SBOM Tool

Overview

Version & Lifecycle

Tags

Top Contributors

Community Notes

No community notes yet

Release Notes & Updates

Help us match vulnerabilities

Also known as

Packaging Notes

Notes

Contribute a Community Note

Report an Issue

Explore

Account