Mark1
13 April 2026 21:54
1
We got our first ‘request’ for an SBOM this morning.
How do people generate these?
Seems like you could dig forever.
I note a link to Blint from 2024, do people use that, is what it produces complete, do you have to add or prune its output?
Thanks
There are lots of projects out there which purport to do it.
This project is by Olaf Moinien, a very capable MVP. It’s free and open source: GitHub - omonien/DX.Comply: Generate CycloneDX SBOMs for Delphi projects — EU Cyber Resilience Act compliance in one click · GitHub
There are others but of the ones I’ve seen this is the most active.
wlandgraf
13 April 2026 23:55
3
TMS Smart Setup now also generates SBOM for installed components/dependencies and projects built. The binary is not released yet (3.2) but the source code is already there and can be built from it.
---
uid: SmartSetup.Command.SbomGenerate
---
# tms sbom-generate
Generates a CycloneDX SBOM file for the specified products.
## Synopsis
```shell
tms sbom-generate <product-ids> [-force] [<global-options>]
```
## Description
Creates a [CycloneDX](https://cyclonedx.org/) Software Bill of Materials (`.cdx.json`) file for each matching product. The file is written to the product's root folder and named after the product ID (for example, `tms.biz.aurelius.cdx.json`).
The generated SBOM includes product metadata (name, version, description, copyright, publisher, license, and external references) and a components section listing all declared dependencies.
show original