I am trying to generate SBOM for Java, Python, ios(Swift) and Android (kotlin) project. I need to follow the NTIA guidelines for minimum element for SBOM (https://www.ntia.doc.gov/files/ntia/publications/sbom_minimum_elements_report.pdf). These elements are Supplier Name, Component Name, Version of the component, Other identifier, dependency relationship, Author of SBOM data and timestamp.
I tried command line SNYK and SYFT to generate SBOM for my projects Java and Python projects in SPDX format. Neither of the tools generates Supplier name.
Syft did not generate the SBOM for my ios project. Still to perform SNYK test for ios project.
Have anyone used some other tools to generate SBOM with minimum NTIA required fields. Is there any tool to generate report in word or pdf format based on the generated json?
