FACT SHEET · AUR

docker-sbom

Plugin for Docker CLI to support SBOM creation using Syft

  • Plugin
  • CLI
  • SECURITY
  • Dev
  • Launchable
  • Runs in terminal
official+codex · reviewed · May 31, 2026 · description in en

Description

Software bills of materials can be generated for container images through a Docker CLI plugin backed by Syft. It helps teams understand which packages and libraries are present inside an image.

An SBOM is an inventory aid, not a full vulnerability review. Keep generated reports with the matching image version and protect them when they reveal internal software details.

How to run

docker sbom

Commands: docker sbom

Permissions

Permissions not analysed for this source yet.