cyclonedx-gomod
« Back to VersTracker
Description:
Creates CycloneDX Software Bill of Materials (SBOM) from Go modules
Type: Formula  |  Latest Version: 1.9.0@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: sbom golang security cryptography devops
Install: brew install cyclonedx-gomod
About:
cyclonedx-gomod analyzes Go module dependencies to generate a CycloneDX Software Bill of Materials (SBOM). It provides a standardized machine-readable format to track components, licenses, and vulnerabilities. This tool is essential for enhancing software supply chain security and compliance.
Key Features:
  • Automated dependency scanning
  • CycloneDX SBOM generation
  • Vulnerability reporting
  • Support for Go modules
Use Cases:
  • Generating SBOMs for CI/CD pipelines
  • Compliance auditing for software licenses
  • Vulnerability management and tracking
Alternatives:
  • syft – Syft supports multiple languages but cyclonedx-gomod is specialized for Go.
  • go list -m – Go's native tool lists dependencies but does not generate SBOMs.
License: Apache-2.0
Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, arm64_ventura, sonoma, ventura, arm64_linux, x86_64_linux
Version History
Detected Version Rev Change Commit
Sep 13, 2025 8:33pm 0 VERSION_BUMP d9952145
Jan 5, 2025 1:52pm 0 VERSION_BUMP 478ce888