This repository contains a very simple Nodejs BOM generator for REUSE compliant source code. It's used in some of our example projects to generate an SPDX bill of material.
Jonas Oberg 17d19d1653 Update with new location and small fixes. 5 months ago
src Update with new location and small fixes. 5 months ago
LICENSE Initial commit 7 months ago Update with new location and small fixes. 5 months ago


standard-readme compliant

This repository isn't much used right now. The only tool right now, which is barely useful, is a horrific piece of code which generates a bill of materials in SPDX format, from a repository which follows the REUSE Compliance practices.


To run lint-bom to generate an SPDX bill of material, you must first ensure the relevant dependencies are installed first, in a global location, using npm -g update in the src/ directory.


After this, if you have source code in /home/foo/src for which you'd like to generate an SPDX file, do this:

$ cd /home/foo/src
$ node /path/to/lint-bom/src/lint-bom > LICENSE.spdx

This will create a LICENSE.spdx file conformant to v2.1 of the SPDX specification, with information extracted automatically from the source files in the current directory, following the REUSE practices available here:


Pull requests and patched happily accepted. The original repository location is here:

To be able to make a pull request on it, you need an account on that Gitea instance. If you intend to make occasional contributions to the REUSE project or any other FSFE activity, having an account makes sense and you can get one by doing this:

  • Register on
  • Send an email to letting him know you registered, and what e-mail address you use.
  • Once you've been confirmed, you can set a username to login to

If you don't intend to make very many contributions, you may fork the repository elsewhere, create a patch, or do what else is convenient for you, and send your contribution to


This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.