Generating SBoMs for BuildStream projects

Name: Generating SBoMs for BuildStream projects
Start: 2026-01-31T16:30:00
End: 2026-01-31T16:30:00
Location: UD2.208 (Decroly)

UD2.208 (Decroly) | Day 2 | 16:30 - 17:00 | Speakers: Abderrahim Kitouni

Copy link

Copy link

Open in browser

Notes

Abstract

BuildStream is a software integration tool that allows building software aggregated from multiple sources in a single pipeline to produce a final output. This final output could be a container image, an operating system image or anything that you can write a plugin for.

In this talk, I present buildstream-sbom. It's a tool that extracts information from a BuildStream project and uses it to generate an SPDX-formatted SBoM. I also discuss the issues that I had translating from BuildStream concepts to SPDX.

Speakers

Abderrahim Kitouni

Software engineer at Codethink, I also maintain a few open source projects such as GNOME OS and BuildStream.

External Links

Notice: The placeholder video image is licensed under CC BY-SA 4.0. The original image can be found hereChanges made to the image are: Cropped the image to a new ratio, part of the image was cut off.