cyclonedx-bom

v0.8.1 Growing

CycloneDX Software Bill of Materials Library

Apache-2.0 Edition 2021 MSRV 1.85.0

Encoding Parser implementations #dependencies#components#bom#owasp#sbom

GitHub ↗ crates.io ↗ Compare with…

Quick Verdict

✓Actively maintained (updated 8d ago)
!Pre-1.0: API may have breaking changes
✓Trusted by 203 crates
✓Permissive license (Apache-2.0)

Security

Checking security advisories...

Downloads

722.1K

Dependents

203

Releases

Size

189KB

Deep Insights

📈

Strong growth momentum

190.2K downloads in the last 30 days (6.3K/day), up 70% from the previous period.

🔗

Moderate adoption

203 crates depend on cyclonedx-bom. Reasonable ecosystem adoption, though not yet a core dependency.

🔬

Pre-1.0 for over a year

Despite being 5+ years old, cyclonedx-bom hasn't reached 1.0 yet. Expect potential API changes between versions.

🌟

Used by top crates

Notable dependents include cargo-cyclonedx, libcnb, sbom-walker, hipcheck, uv-resolver. When high-quality crates choose cyclonedx-bom, it's a strong quality signal.

Health Breakdown

Maintenance 17/25

Recency, release consistency, active ratio

Quality 11/25

Yanked ratio, deps, size, maturity, features

Community 16/20

Reverse deps, ownership, ecosystem

Popularity 7/15

Downloads, momentum, growth trend

Documentation 12/15

Docs, repo, license, metadata

Download Trend

Daily downloads · last 90 days

4K/day avg+153%

Top Dependents

Most downloaded crates that depend on cyclonedx-bom

Version Adoption

v0.8.0

83%

v0.6.2

v0.7.0

v0.4.3

v0.5.0

Release Timeline

19 releasessince 2020

2020

2021

2022

2023

2024

2025

2026

Less

README

Loading README...

Maintainers

Dependencies

direct dependencies