Introducing BOM Diggity
BOM Diggity’s primary purpose is to ensure the security and integrity of software programs. It incorporates secret analysis, allowing the user to secure crucial information before deploying any part of the application to the public.
- Supports OCI and Docker
- Generates SBOMs for container images, filesystems, and more
- Scans for sensitive information and secrets
- Identifies the Linux distribution
- Converts between SBOM formats such as CycloneDX and SPDX
- Works seamlessly with Jacked
Diggity GitHub Action
A GitHub Action that utilizes Diggity to generate an SBOM
- Parsers Specification
- Repository and Tar Scanning
- Disable file listing from package metadata
- Exclude specified filenames from secret searching

Supported Installation OS
BOM Diggity currently supports the following operating systems:
WINDOWS INSTALLATION
BOM Diggity is designed to optimize the security and compliance of your software programs, and it operates smoothly on the amd64 architecture of Windows.

MAC INSTALLATION
With its support for both arm64 and amd64 architectures, Diggity enables secure generation of SBOMs for container images and filesystems on any Mac operating system.
LINUX INSTALLATION
BOM Diggity can easily detect secrets in your container images. This tool can operate on various architectures of the Linux operating system, including amd64, arm64, ppc64le, and s390x.
Supported Ecosystem
Diggity supports all of the following open-source platforms and package managers
Installation Guide
BOM Diggity is a code-driven analysis tool that maintains compliant and secure code. This page shows how to install Diggity open-source on its supported ecosystems. Get started now!
Recommended
curl -sSfL https://raw.githubusercontent.com/carbonetes/diggity/main/install.sh | sh -s -- -d /usr/local/bin
You can specify a release version and destination directory for the installation:
curl -sSfL https://raw.githubusercontent.com/carbonetes/diggity/main/install.sh | sh -s -- -d <DESTINATION_DIR> -v <RELEASE_VERSION>
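The one-liner above pipes a script from the `main` branch straight into `sh`, so whatever is served at download time runs without review. An added example (not from the Diggity project) that saves the installer to a file, compares it with a SHA-256 digest you recorded after reviewing it, and only then runs it with the same `-d` and `-v` options; the function names and the `<PINNED_SHA256>` placeholder are assumptions.

```shell
#!/bin/sh
# Added example: fetch the Diggity installer to disk, check it against a
# pinned SHA-256 digest, and only then execute it.
INSTALL_URL="https://raw.githubusercontent.com/carbonetes/diggity/main/install.sh"

# Print the SHA-256 hex digest of a file (Linux: sha256sum, macOS: shasum).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 only if the file exists and its digest equals the pinned value.
# Returns 2 for a missing file and 1 for a digest mismatch.
verify_installer() {
    file=$1
    expected=$2
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    actual=$(sha256_of "$file")
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch: got $actual, want $expected" >&2
        return 1
    fi
}

# Download, verify, then run the installer with the page's -d / -v options.
# The pinned digest is a value you record after reading the script yourself.
install_diggity() {
    dest=$1
    version=$2
    pinned=$3
    tmp=$(mktemp) || return 1
    curl -sSfL -o "$tmp" "$INSTALL_URL" || { rm -f "$tmp"; return 1; }
    if verify_installer "$tmp" "$pinned"; then
        sh "$tmp" -d "$dest" -v "$version"
        rc=$?
    else
        rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Example call (not run here; both angle-bracket values are placeholders):
# install_diggity /usr/local/bin <RELEASE_VERSION> <PINNED_SHA256>
```

A digest mismatch means the script on `main` has changed since it was reviewed; read the new version before updating the pinned value.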
Homebrew
brew tap carbonetes/diggity
brew install diggity
Scoop
scoop bucket add diggity https://github.com/carbonetes/diggity-bucket
scoop install diggity
Useful Commands and Flags
Available Commands and their flags with description:
diggity config [flag]
Output Formats
The output format for BrainIAC is configurable as well using the -o (or --output) option:
The available formats are:
- table : A columnar summary (default).
- json : Use this to get as much information as possible out of BrainIAC.
- cyclonedx-xml : An XML report conforming to the CycloneDX 1.4 specification.
- cyclonedx-json : A JSON report conforming to the CycloneDX 1.4 specification.
- spdx-tag-value : A tag-value formatted report conforming to the SPDX 2.2 specification.
- spdx-json : A JSON report conforming to the SPDX 2.2 JSON Schema format.
- spdx-yml : A YAML report conforming to the SPDX 2.2 YAML Schema format.
- github-json : A JSON report conforming to the dependency snapshot format of GitHub.