Skip to content

feat: add make sbom / install-sbom / uninstall-sbom targets#410

Open
MarkAtwood wants to merge 2 commits into
wolfSSL:masterfrom
MarkAtwood:feat/add-make-sbom
Open

feat: add make sbom / install-sbom / uninstall-sbom targets#410
MarkAtwood wants to merge 2 commits into
wolfSSL:masterfrom
MarkAtwood:feat/add-make-sbom

Conversation

@MarkAtwood

@MarkAtwood MarkAtwood commented Jun 23, 2026

Copy link
Copy Markdown

Summary

  • Adds make sbom, make install-sbom, and make uninstall-sbom targets to wolfProvider's autotools build for EU CRA compliance evidence (CycloneDX 1.6 + SPDX 2.3 output)
  • Adds AC_CHECK_PROG checks for python3 and pyspdxtools in configure.ac

Usage

make sbom WOLFSSL_DIR=/path/to/wolfssl
# produces: wolfprov-1.1.1.cdx.json  wolfprov-1.1.1.spdx.json  wolfprov-1.1.1.spdx
pyspdxtools --infile wolfprov-1.1.1.spdx.json   # must pass

make install-sbom   # installs to $(datadir)/doc/wolfprov/
make uninstall-sbom

WOLFSSL_DIR must point to a wolfssl checkout containing scripts/gen-sbom (branch feat/sbom-embedded, or master once wolfSSL/wolfssl#10343 merges).

Notes

  • Product name is wolfprov throughout (matches AC_INIT and lib_LTLIBRARIES), not wolfprovider
  • No generated options.h; uses installed wolfssl's options.h via $(WOLFSSL_INCLUDEDIR)/wolfssl/options.h. WOLFSSL_DIR defaults to $(WOLFSSL_INSTALL_DIR) (set by --with-wolfssl= at configure time)
  • wolfProvider's libtool default SONAME is libwolfprov.so.0.0.0 (no -version-info set) — --lib path uses this literal, not the package version 1.1.1
  • Known limitation: if wolfssl was found via pkg-config rather than --with-wolfssl, WOLFSSL_INSTALL_DIR may be malformed; pass WOLFSSL_DIR= explicitly in that case

@MarkAtwood
feat: add make sbom / install-sbom / uninstall-sbom targets
225924e 
Adds CycloneDX + SPDX SBOM generation via wolfssl's gen-sbom script.
Usage: make sbom WOLFSSL_DIR=/path/to/wolfssl

wolfProvider has no generated options.h; uses installed wolfssl's
options.h. WOLFSSL_DIR defaults to WOLFSSL_INSTALL_DIR. SONAME is
libwolfprov.so.0.0.0 (libtool default, no version-info set).
Copilot AI review requested due to automatic review settings June 23, 2026 22:35
@MarkAtwood MarkAtwood requested a review from sameehj June 23, 2026 22:36
Copilot AI reviewed Jun 23, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds SBOM generation and install/uninstall targets to the autotools build so wolfProvider can emit CycloneDX 1.6 and SPDX 2.3 artifacts (via wolfSSL’s gen-sbom script), plus configure-time discovery of required tooling.

Changes:

  • Add make sbom, make install-sbom, and make uninstall-sbom targets that stage-install the built artifacts and generate CycloneDX/SPDX outputs.
  • Add AC_CHECK_PROG checks for python3 and pyspdxtools in configure.ac.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File Description
Makefile.am Adds SBOM generation and install/uninstall targets and related variables.
configure.ac Adds checks for python3 and pyspdxtools availability.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread Makefile.am
# ---------------------------------------------------------------------------
# SBOM generation (CycloneDX + SPDX) via wolfssl's gen-sbom script
# ---------------------------------------------------------------------------
WOLFSSL_DIR ?= $(WOLFSSL_INSTALL_DIR)
Comment thread Makefile.am
WOLFSSL_DIR ?= $(WOLFSSL_INSTALL_DIR)
WOLFSSL_INCLUDEDIR ?= $(WOLFSSL_DIR)/include
PRODUCT = wolfprov
VERSION = $(shell grep LIBWOLFPROV_VERSION_STRING $(srcdir)/include/wolfprovider/version.h 2>/dev/null | sed 's/.*"\(.*\)".*/\1/')
Comment thread Makefile.am
Comment on lines +76 to +80
@if test -z "$(PYTHON3)"; then \
echo "ERROR: python3 not found in PATH."; exit 1; fi
$(MAKE) install DESTDIR=$(builddir)/_sbom_stage
$(PYTHON3) $(GEN_SBOM) $(SBOM_OPTS)
rm -rf $(builddir)/_sbom_stage
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@sameehj sameehj Awaiting requested review from sameehj

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MarkAtwood